Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

Cyber threats forecast for 2012

2012 will feature new and increasingly sophisticated means to capture and exploit user data, as well as escalating battles over the control of online information that threatens to compromise content and erode public trust and privacy. Those were the findings in the Georgia Tech Emerging Cyber Threats Report for 2012 report. The report was released at the annual Georgia Tech Cyber Security Summit, a gathering of industry and academic leaders who have distinguished themselves in the field of cyber security.

According to the report, specific issues which are expected to cause the most problems to organizations in 2012 are:

1) The mobile threat vector — managing tensions between usability, security and scale

- Mobile applications rely increasingly on the browser, presenting unique challenges to security in terms of usability and scale.
- Expect compound threats targeting mobile devices to use SMS, e-mail and the mobile Web browser to launch an attack, then silently record and steal data.
- While USB flash drives have long been recognized for their ability to spread malware, mobile phones are becoming a new vector that could introduce attacks on otherwise-protected systems.
- Encapsulation and encryption for sensitive portions of a mobile device can strengthen security.

2) Botnets — the evolving nature of adversaries, tactics, techniques and procedure

- Botnet controllers build massive information profiles on their compromised users and sell the data to the highest bidder.
- Advanced persistent adversaries query botnet operators in search of already compromised machines belonging to their attack targets.
- Bad guys will borrow techniques from Black Hat SEO to deceive current botnet defenses like dynamic reputation systems.

3) Controlling information online — a new frontier in information security

- Security researchers are currently debating whether personalization online could become a form of censorship.
- Attackers are performing search engine optimization to help their malicious sites rank highly in search results.
- The trend in compromised certificate authorities exposes numerous weaknesses in the overall trust model for the Internet.

4) Advanced persistent threats and the intersection of cyber threats with physical and critical infrastructure

- Advanced persistent threats will adapt to security measures until malicious objectives are achieved.
- Human error, lack of user education and weak passwords are still major vulnerabilities.
- Cloud computing and computer hardware may present new avenues of attack, with all malware moving down the stack.
- Large, flat networks with perimeter defenses at the Internet ingress/egress point break down quickly in the face of advanced persistent threats.

Read the full report (PDF).

•Date: 12th October 2011 • Region: World •Type: Article • Topic: Information security

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here