infoTECH Feature

December 18, 2012

Security Threats in 2013: Exploits, Hacks, and Mutations

Every year is a big year when it comes to computer security, and 2013 looks to be no different. The director of Security Research and Development with nCircle, Lamar Bailey, has recently released his list of big potential problems to watch for with the dawning of the new year, and it looks to be as dangerous for computers as ever.

2013, according to Bailey's report, will feature four major classifications of security threat: rogue employees, so-called “hacktivists” with political motivations, and both cyber-criminals and cyber-terrorists, which actually have two different key motivations. But what's worse is that these four primary threats are all going to prove to be extremely adaptive, and thus, much harder than normal to keep at bay.

Exploiting code platforms, like those of JavaScript, HTML5 and others will be a big problem for IT departments as those four major classifications use tools that are themselves continually evolving for less than wholesome purposes. Making things worse in the short term is a major new operating system switch in the wings in the form of the Windows 8 release that's still ongoing for many places. What that all boils down to is that all those bad actors listed above are going to be turning their attention to taking advantage of vulnerabilities in tools that are changing on a regular basis. So not only will there be a regular threat, that threat will also be able to regularly change tacks as the systems themselves evolve, making a double-sided threat for IT. Not only will IT have to keep ahead of the changes posed by the systems themselves, but also for potential problems that can emerge from these changes by outside agitators.

More specifically, Bailey's report suggests that IT departments particularly watch the following systems for potential abuse and intrusion: Adobe (News - Alert) Acrobat and its accompanying Reader, SQL injection, exploit kits, malicious or otherwise compromised websites, and zero-day browser threats. Given that Bailey, and nCircle by extension, have a wide array of big-name clients to their credit in names like Facebook (News - Alert) and Salesforce.com, it's worth taking their projections seriously.

Indeed, the dangers cited are clear and present. Rogue employees have sufficient motivation and inside knowledge to pose serious dangers and may have little more reason than a promotion denied or a job lost to launch a campaign of sabotage in their wake. With the economy in the state it's in, that means most any employee that gets laid off today may prove to be a longer-term thorn in the side than expected tomorrow. Cyber-criminals are often eager for gain in general, while both “hacktivists” and cyber-terrorists may seem similar in their motives but separate in their methodologies. Each of them has specific methods involved in their repulsion, but knowing which is attacking at any given time is a tall order to say the least.

Bailey's report concluded with one piece of advice for IT professionals everywhere: “IT security professionals must wake up and smell the coffee. They really do need to adapt to the new and constantly changing threat landscape, otherwise the cybercriminals will end up winning the battle for their digital assets.”

That's good advice, no matter what field it's addressing.

Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO Miami 2013, Jan 29- Feb. 1 in Miami, Florida.  Stay in touch with everything happening at ITEXPO (News - Alert). Follow us on Twitter.




Edited by Brooke Neuman
FOLLOW US

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers