Security lessons from 2012
DDoS attacks on banks, cyberwarfare should be high on security agendas
Computerworld - For all the apocalyptic prognostications, 2012 turned out to be a relatively uneventful year from an information security standpoint.
A cyber Pearl Harbor did not happen. Stuxnet and its kin did not take out any power grids or shut down cities. Mobile threats continued to escalate and malware became more sophisticated, but none were as game-changing in nature as Stuxnet was. While there were still plenty of data breaches, including a handful of big ones, they were much smaller in scope compared to the TJX and Heartland breaches of a few years ago.
Even so, several security related events in 2012 could well be harbingers of things to come in 2013.
DDoS attacks on banks
In the second half of 2012, U.S. financial services organizations became targets of sophisticated, high bandwidth distributed denial-of-service attacks launched by politically and financially motivated groups. Several banks experienced severe disruptions to their online banking operations as a result of the DDoS attacks.
Often, the attacks were accompanied by online fraud and account takeovers. The weapon of choice in many of the attacks was a toolkit called Itosknoproblembro which was capable of generating close to 70GBps of DDoS traffic and designed to launch multiple DDoS attacks simultaneously.
Such attacks could become increasingly common this year, according to Gartner analyst Avivah Litan. It's not just banks that will be targets, but enterprises as well. According to security firm Prolexic, the average bandwidth in DDoS attacks in 2012 was around 4.9Gbps, a 200% increase from just a year ago. Attacks averaging 20GBps of DDoS traffic happened with alarming frequency in 2012 compared to the smattering of them in previous years, according to Prolexic.
"This is definitely a threat to the day-to-day workings of our financial systems," Litan said. Banks in general, "should add DDoS attacks to the checklist of things to worry about when trying to prevent fraud," Litan said. "I don't expect [the attacks] to let up in 2013. To the contrary, I expect them to increase since so far they have generally been successful," she said.
Shamoon, Flame and other cyber sabotage malware
About 30,000 Windows PCs at Saudi oil company Saudi Aramco were believed to have been rendered unusable in August after they were infected by a particularly destructive virus called Shamoon. The virus was noteworthy because it not only corrupted and deleted files, but also completely overwrote the Master Boot Record on Windows PCs thereby rendering them useless.
Though Aramaco downplayed the seriousness of the incident, Shamoon stirred concern at the highest levels of the U.S. government. In a speech at a meeting of Business Executives for National Security (BENS) in New York, U.S. Secretary of Defense Leon Panetta described Shamoon as one of the most destructive viruses ever and one that could be used to launch an attack as calamitous as the 9/11 attacks.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts