Top 9 Network Security Threats in 2009
Perimeter e-Security's Kevin Prince offers his predictions on the new year's threat landscape
By Kevin Prince
December 29, 2008 — CSO — 2008 is nearly in the rear view mirror, and as we prepare for 2009, one must ask the question "What network security threats (new and old) are we going to have to deal with in the coming year?" But first, let's analyze 2008 compared to what we expected a year ago.
2008 Network Security Threats In Review
Malware, especially from compromised web sites, was a huge issue in 2008. Many legitimate sites such as MSNBC.com, History.com, ZDNet.com and many others suffered compromises, in some cases for days. Unlike in the past, the sites looked normal, but unsuspecting web surfers with vulnerable systems were exploited when they visited these sites.
Search engines such as Google were used to compromise systems. This happened in several ways, including:
- Tricking the search engine indexing and results logic to escalate malicious web sites to the top of the list, where users were more likely to click on them.
- Using the "paid for" or "sponsored links" areas of search engines to direct users to compromised sites.
As predicted, hackers moved towards compromising end points (individual systems such as desktops, laptops and servers) and placed less emphasis on external direct attacks - although this still happens frequently.
On the flip side, we expected botnets to play a larger role in 2008. While botnets increased in size, scope, and sophistication, they weren't used to the scale expected. Basically, botnet controllers were sowing more and reaping less in 2008.
Also, out of the blue, we had the whole DNS exploit issue come back from the dead. We saw a lot of these in the 90's when DNS was first used and then we went nearly a decade without many DNS flaws. I don't think anyone expected a core DNS vulnerability on a worldwide scale. The good news is that very few known cases of serious exploits occurred.
Vista had fewer serious security vulnerabilities than expected. This may be because so few people are migrating to Vista and many even downgraded to XP. I imagine that if more people were using Vista, 1) we would find more vulnerabilities and 2) more attackers would spend time trying to exploit it. Attackers are all about bang for the buck. If most people are still using XP, they will focus on XP. It is just that simple.
Looking Forward to 2009
What data security threats will be most prevalent? Let me first start with some general predictions.
- The volume of attacks from international sources has increased and will continue to increase, especially towards government and military networks. The fog is beginning to lift, and as it does we will see the vast majority of these attacks coming from China and being tied to government sponsorship.
- Data security breaches tied to theft will significantly increase. It will not surprise anyone that mobile devices are stolen most often.
- The sophistication of application-level attacks such as SQL injection, buffer overflow, cross-site scripting (XSS) and others will increase. These will be directed towards high-traffic web sites (news sites or social networking sites) that, when compromised, will install malware on large numbers of users' systems.
- For the most part, botnets will not need to be the concern of small business or consumers. Service providers and large enterprises have added steps (perhaps just in time) to reduce the challenges of botnets.
- Bandwidth consumption will percolate higher in the list of IT challenges for organizations of all sizes. More and more users will use the web to download content. Our appetite has changed from text with a few graphics to streaming high definition video, huge downloads, and YouTube.