A recent assessment in a tech periodical called eWeek discusses 2011 Network Security Breaches and looking forward to 2012. Some highlights of this article..
Attacks in 2011 fell into four categories: cyber-crime, hacktivism, cyber-espionage and cyber-warfare, according to Clarke.
Defense contractors, government agencies, and other public and private organizations reported network breaches where attackers stole intellectual property, financial data and other sensitive data. Hacktivist groups such as Anonymous and LulzSec demonstrated how much damage they can cause large organizations by employing fairly well-known techniques against the application layer.
What’s the security outlook for 2012? It’s appears gloomy, as security experts warn that cyber-attackers will target applications, mobile devices and social networking sites. There will be more social engineering as attackers research victims beforehand to craft even more targeted attacks.
For website attacks in the form of SQL injection attacks and cross site scripting attacks that take over websites and infect the viewers of the site:
Attackers targeted applications through SQL injection and cross-site scripting attacks to get access to sensitive data, said Lori MacVittie, senior technical marketing manager at F5 Networks. There are more kits and exploit tools released that exploit certain vulnerabilities, making it easier for even less skilled attackers to launch sophisticated attacks. There will be more of these tools in 2012, she said.
Social media and social engineering to phish for people to give up their accounts and information also was discussed:
…Forrester estimated 76 percent of enterprises allow some access to social networking sites from within the corporate networks, and 41 percent allow “unfettered access” to these sites. Many of the data breach and cyber-attack headlines in 2011 were social engineering attacks that exploited email and the Web as an attack vector, according to Rick Holland, a Forrester analyst.
Finally they discussed the incredible exploits that are infecting Android cell phones and tablets – and the threat to the future of the platform:
Malware developed for mobile platforms exploded in volume and sophistication, according to Juniper Networks’ Global Threat Center. Criminals released a mobile version of the Zeus Trojan designed to intercept security controls used for online banking for several mobile platforms. Many users were infected with malware that turned their smartphones into zombies participating in a botnet without their knowledge.
All in all security in both households and corporations are growing rapidly and will require greater protections. Where carelessness in network security was something that could be common attitude in companies trying to concentrate on revenue,their access to the Internet could cripple their entire profit through unplanned IT costs.
Call Menlo Technical today to get a better understanding of how to protect your Intellectual Property and set up your networks and devices for the coming onslaught of 2012.