2015 Security Predictions: Retail Repeats, Ransomware, and More

By Tom Cross, Director of Security Research, Lancope, Inc.

The year's end is always an opportunity to take stock of where we've been and see what predictions we can make about the future. Certainly, 2014 was a big year for computer security and there have been a number of major developments that may point toward the types of challenges we'll be facing in 2015.

Continued Retail Point of Sale Infections
In late 2013, the FBI stated that they "believe POS malware crime will continue to grow over the near term despite law enforcement and security firms' actions to mitigate it." A year later, this prediction has proven to be correct, as we continue to hear about infections at large retailers. At Lancope, we still don't see any sign of this activity slowing down. Criminals have a proven, repeatable process here that is extremely lucrative.

One development that we may see in 2015 is the first major retailer to get compromised a second time. As there is no silver bullet that can absolutely eliminate the risk of these attacks, the steps that some retailers are taking may prove to be inadequate, leading to a repeat compromise. Unfortunately, we don't think the public will be kind to such a retailer, in spite of the challenges associated with combating this threat.

Heartbleed, Shellshock, POODLE, now what?
There have been several noteworthy vulnerability disclosures in 2015, and that has caused some observers to ask if this represents some sort of new trend. The answer is that it does and it doesn't. The reality is that thousands of new security vulnerabilities are disclosed every year, and there is a constant effort by researchers to find new ones. Every once in a while, a researcher will come across a vulnerability that is particularly technically significant, and we just happen to have seen a few of these so far this year. However, widespread improvements in software design, development and testing practices over the past few years have reduced the frequency at which significant, remotely exploitable vulnerabilities are discovered. So really, the overall trend regarding these kinds of issues is a downward one, despite this year's experiences.

What makes some of this year's vulnerabilities interesting, however, is that they don't fit the mold of typical memory management vulnerabilities, and they were lurking in production codebases for many years before they were discovered. Those factors will motivate researchers to look for similar bugs in other places, and that may mean that we see some related vulnerability disclosures in 2015.

The Ransomware Bandwagon
For years, cryptographic ransomware has been a feature of academic publications, but in 2013, CryptoLocker validated the approach in a crime spree that claimed hard drives all over the world and netted millions of dollars in illicit gains. In the middle of the summer of 2014, an international coalition of law enforcement agencies and cybercrime investigators took action against the command-and-control infrastructure behind CryptoLocker as well as the botnet used to spread it (known as Gameover Zeus). A Russian individual, Evgeniy Bogachev, was named as the mastermind behind these operations, but unfortunately, he has not been brought to justice, and has subsequently launched at least two new botnets, collectively referred to as NewGOZ, or Gameover Zeus Extra Life.

We can safely expect more cybercrime activity out of Evgeniy Bogachev in 2015, and now that ransomware has proven to be such a lucrative opportunity for criminals, there will be a number of new operations that hop on the bandwagon. Our advice continues to be that anyone with a computer system needs to have a robust backup plan so that they can recover their files in the event that they become a victim of one of these attacks. Paying the ransom to recover files just helps fuel this criminal activity.

Botnets of Things
This fall, Lancope infiltrated a botnet that was infecting computer systems by exploiting the Shellshock vulnerability. One interesting aspect of this botnet is the type of systems that were infected - approximately 9 percent of them were office phone systems. These weren't the only unusual devices affected by Shellshock. One security researcher reported the vulnerability in an appliance that broadcasters use to transmit Emergency Alert System messages. If an attacker controlled such an appliance, they could interfere with emergency broadcasts and transmit arbitrary audio over the airwaves.

As the devices in our world become more computerized and more likely to be connected to the Internet, they'll become exposed to the kinds of security issues that normally impact desktop computer systems and servers. Botnet-infected home climate control systems, ice skating rinks, and television sets, and perhaps even automobiles, may be a reality that we begin to cope with in the next few years.

As 2015 draws near, the popularity of cybercrime continues to grow. People sometimes ask us if we'll ever completely solve the problem. It's worth pointing out that we haven't solved the problem of bank robberies yet. What we can do is minimize the risk, manage the problem, and be prepared for the worst when it hits us. That's what we need to be thinking about from a cybersecurity standpoint - are we as prepared as we should be?

© Copyright 2014 Auerbach Publications