As the year draws to a close, we at Juniper thought it would be useful to reflect on some of the most interesting developments in the threat landscape in 2012. Are the same attack methods taking center stage, or have new approaches entered the scene? How are companies responding to data breaches?
To find out, let’s review the biggest trends in cyber attacks based on our security research and conversations with key customers, partners and friends in the industry.
1. Simple attack methods on web applications remain effective
Many of the large public companies compromised in the last year fell victim to web application vulnerabilities like SQL Injection and Cross Site Scripting. These types of attacks have been known about for several years and remain a popular hacking method because of the relatively low level of sophistication needed and the potential difficulty in preventing them. For instance, the Yahoo breach earlier this year was a result of a federated SQL Injection attack. The attack was easy and quick to carry out, yet destructive in nature.
2. Mobile malware and application-centric threats continue to pose a risk to enterprise data
With the continued adoption of Bring Your Own Device policies in the workplace, the risk of mobile malware and invasive applications infiltrating critical corporate data continues to be a top concern. Indeed, 2012 saw a significant increase in the amount of malware and invasive apps aimed at mobile users, with a 350 percent increase in mobile malware from Oct. 2011 to Oct. 2012, and free applications being four times more likely to track user location and three times more likely to access address books than paid apps.
3. Increased transparency about data breaches
As the frequency of data breaches continues to increase, companies are judged more on how they handle incidents than on whether they experience one. It seems that many companies that in the past would have hidden a breach are now being open and honest about it with the public and their customers. Many companies are still not providing extreme detail about the nature of a breach, but they are taking a publicity risk by acknowledging that it occurred. Ultimately, this is a very promising development in the industry because it will help raise awareness about the importance of security.
4. Increase in politically motivated attacks
Following the success of Anonymous and Lulz Security in capturing the public’s attention, 2012 saw several new politically motivated actors enter the threat landscape, including a group based in the Middle East that claimed responsibility for attacks on Saudi Aramco. Team Ghost Shell exposed information from several government agencies, and the trolling group GNAA was also successful in spreading a worm through Tumblr.
5. Botnets take a beating
Building on earlier success, public/private partnerships were successful in taking down several prominent botnets responsible for everything from spam to the Zeus banking Trojan. Through a combination of forensic security research and novel legal arguments, researchers were able to block the command and control systems of some of the most infamous botnets.
6. Sophisticated mobile NFC vulnerabilities exposed
Possibly the most interesting development in the mobile security space is the exposure of several vulnerabilities related to the use of Near Field Communication (NFC) technology. NFC has been around for a decade, but 2012 marked an upswing in the U.S. with mass availability of financial and “mobile wallet” apps using the technology. It has already proven to be a popular subject for demonstrating potential security hacks. At Black Hat this year, security researchers demonstrated how easy it is to remotely control a device by exploiting NFC. While an actual hack has yet to occur on an NFC-based mobile application, the technology will remain a likely target as consumer adoption increases.
7. Advanced attacks targeting government infrastructure
While state-sponsored cyberattacks and espionage on critical government and business systems have existed for years, 2012 saw a significant uptick in sophisticated malware and other attacks. We learned about several new attacks aimed squarely at key government interests in the Middle East, including the recent Flame and Gauss cyber-espionage malware. Responding to these threats, we’ve seen several countries invest in new cybersecurity capabilities, including the U.K. and Hong Kong.
These are just a few top trends we noticed, but we realize there are several others. What are some of the most interesting cyber security trends you saw in the last year?