Exclusive: ‘Handholding’ required in un-secure world – Part 2March 13 - 8am
In the constantly changing world of technology, one area remains constant: the need for security. Heather Wright gets some expert views.
Last year ended with plenty of publicity for Cryptolocker, and Patrick Devlin, Watchguard ANZ regional director says we will probably see more variants and new infection vectors based on the success of Cryptolocker.
“Anything that makes money is likely to spawn a whole family of copycats,” he notes.
It is advanced persistent threats, however, that Devlin believes will dominate 2014 locally. “2014 is likely to be the year APTs become front of mind for the wider community.
“News of the International Space Station being infected made many people realise that even non-internet-networked systems are at risk. These attacks are very professionally built to beat normal defences, and have been shown to evolve and be very effective in the wild.
“In the past they have infected SCADA systems – even Google’s Sydney office got hit this year. Many APTs are well funded espionage tools capable of everything from remote control to video and audio surveillance.”
And, on the subject of APTs, Devlin says Zeusbot ‘just keeps hanging around’ because traditional firewalls have no visibility of it. “Many businesses still think IPS is too expensive or an acronym they needn’t worry about.
Meanwhile, Eset’s Malcho says mobile devices will also figure heavily in security concerns over the coming year.
“Mobile devices are being used more and more for internet banking. That has resulted in a gradual shift of interest from the bad guys. Defeating two- factor authentication has become commonplace for modern banking Trojans, now routinely having a mobile component to steal one-time passwords and interfere with the payment process at the mobile endpoint.
“Also, we’re seeing banking Trojans aiming more at enterprise customers, especially SME’s – with a higher monetary value than consumers, and less IT security sophistication than large enterprises – thus hoping to get to accounts with a higher balance, and targeting applications that automate online transactions and banking software.”
Malcho says while the absolute numbers of malware targeting mobile platforms is low – with Android by far the most prevalent – the significance of the attacks is high for victims, since they typically lose money, but may be reluctant to admit how foolish they feel.
“Spying Trojans and banking Trojans always follow the money trail and now turn their attention to Bitcoin, and other similar currencies, directly aiming to steal digital wallets.”
He says DDoS attacks and web defacements will continue with more attacks against critical infrastructure on the internet, be it government sites or privately held industry targets, with some being deliberate, well thought out attacks, but many being attackers probing to see the possibilities.
“Targeted attacks have become a part of our lives, whether we’re talking about espionage or sabotage, and if you are an entity with valuable IP/data, you’d better think twice about the security.”
Talking about checking possibilities and hacking/cracking for fun, Malcho says Eset is seeing attempts to crack any smart devices and find weaknesses in their design and implementation. “This concerns any device you can connect to, such as SmartTVs, intelligent houses – alarm systems, devices – and so on.
The cloud and (dis)trust
Edward Snowden’s revelations last year triggered a wave of distrust in cloud service providers, since it’s not entirely certain who actually sees the data, Malcho says.
“We might be seeing more regulation coming into this area, however, that will hardly satisfy the clients’ worries that certain authorities and institutions who are ‘above the law’ in a particular country have more access to their data than they would like,” he says.
“Expect to see a strong interest in locally hosted, encrypted back-up and file storage in New Zealand,” Malcho adds.
Devlin sounds an even darker warning on the cloud front. “2014 will be a year of cloud security issues. There are some big fat, juicy targets out there right now and the same exploits that affect a business can also affect a massive cloud provider.
“I further expect a lot of cloud providers to start going out of business, putting customer data at risk – it’s expensive to set up the infrastructure for a cloud and, unless you get critical mass of customers quickly, the banks will start calling in the debts without regard for your data.
“When the hosting closes down, those customers who spent lots of time and money to move their data to the cloud might find it tough to rapidly move it back.”
To read Part 1 of this exclusive interview for The Channel click here, and check back to Techday.com on Tuesday for the final part…