Asia's Source for Enterprise Network Knowledge

Monday, December 22nd, 2014

Information security management

Four major threats that will keep enterprises on edge in 2012

If the past is anything to go by, 2012 will be a year of continued vigilance within the IT departments of most enterprises in Hong Kong, and indeed across Asia. The Internet has made sure that the world is a smaller place, particularly when it comes to protecting a most precious asset – information.
 
Four key themes from 2011 will continue to grow throughout 2012.  
 
Advanced persistent threats (APTs) continued to target industrial control-related organizations, while critical infrastructure protection program awareness and engagement waned.
 
A recent Symantec Critical Infrastructure Protection (CIP) Survey found that companies are generally less engaged in their government's CIP programs this year when compared to last. In fact, only 37 percent of companies are completely or significantly engaged in such programs this year, versus 56 percent in 2010. Overall CIP readiness on a global scale fell an average of eight points. 
 
When combined with recent revelations around the Duqu threat, the findings of the CIP Survey are particularly troubling. Duqu's purpose was to gather intelligence data and assets from organizations such as manufacturers of components commonly found in industrial control environments. The attackers behind Duqu were looking for information such as design documents that could help them mount a future attack on an industrial control facility. Thus, Duqu is essentially the precursor to a future Stuxnet. 
It's quite likely that 2011 saw the foundation for the next Stuxnet-like attack being laid. 
 
As the use of smart mobile devices has exploded, the risks surrounding them – particularly mobile malware and data loss – have also experienced unprecedented growth.
 
Gartner estimates that sales of smartphones will exceed 461 million by the end of 2011, surpassing PC shipments. The combined sales of smartphones and tablets will be 44 percent greater than the PC market by the end of 2011.
 
This explosion has captured cybercriminals' attention and as a result, 2011 saw significant real growth in the amount of mobile malware. From malware simply seeking to embarrass victims to malware exploiting premium rate number billing, to malware focused on information theft, it's undeniable that 2011 was the first year mobile malware presented a true threat to enterprises and consumers. 
 
Despite 2011 being a year of external hacks, internal security experts have already begun to shift their focus to insiders once again, triggered by the proliferation of mobile devices, including tablet PCs. Users are bringing their tablets into corporate infrastructures far faster than organizations can secure and manage them and protect the information that employees can access via the tablets.
 
Organizations are seeing an increase in employee productivity and happiness that tablets bring to the business culture. But rapid adoption of tablets can leave organizations vulnerable to data loss from insiders, both malicious and well-meaning. With tablets in hand, the concern has become insiders who fly under the radar of IT to access and send sensitive data and, in the case of the malicious insider, steal highly confidential intellectual property.
 
Cybercrime's spread from the criminal underground to the business mainstream was highlighted by a surge in targeted attacks.
 
Symantec's November Intelligence Report shows that targeted attacks are becoming more prevalent in 2011. Large enterprises, with more than 2,500 employees, received the greatest number of attacks, with 36.7 targeted attacks being blocked each day during 2011.
 
The increasing number of targeted attacks is being driven at least in part by competitive advantage as companies exploit digital espionage to acquire sensitive, proprietary data from competitors.  
 
High-profile hacks of Secure Sockets Layer (SSL) Certificate providers and malware threats that misuse SSL certificates became an issue in 2011, driving SSL Certificate Authorities (CAs) and website owners to take stricter security measures to protect themselves and their customers.