An anonymous reader writes: Solera Networks Foresees Top Threats for 2012, Recommends Security Resolutions for Increased Online Safety in the New Year
Salt Lake City, UT – January 11, 2012 – Solera Networks, the leading Network Security Analytics platform provider, today announced security predictions for 2012: rampant spam-driven attacks; multiple manifestations of classic social engineering scams; the high probability of attacks against industrial automation; and significant increases in malware. Based on activity levels observed in the second half of 2011, the growing pace, volume and sophistication of attacks suggest consumers, small businesses and corporations will need to grow increasingly vigilant over the next year. The company also provided five simple activities that, when added to a list of New Year’s resolutions, should prove helpful in protecting Internet users from these threats.
Solera Networks Research Lab’s top five threats for 2012:
Increasing attacks staged through legitimate but compromised sites
From tiny collectives to large organizations, the continued existence of unpatched, vulnerable Web sites are poised to become a substantial problem in the near future. The number of these vulnerable Web sites combined with an abundance of keylogger malware available today suggests a rapidly increasing number of sites will be used to redirect unsuspecting victims to exploit kits.
Scripted exploits targeting vulnerable browser plug-ins
Malicious Spam Increases
Malicious spam in 2012 will follow the patterns set in late 2011. Every available delivery method – email, social networks, and IM, as zipped malware attached to the messages, or links to malicious pages – and any other conceivable form is up for grabs: shipping confirmations, missed deliveries, credit warnings and statements, utility bills, complaints to the Better Business Bureau, online order confirmations, bank statements, electronic funds transfer notices and “friend notification” emails from social networking sites. These new and innovative social engineering tactics will ensnare unsuspecting victims with increasingly sophisticated malware.
SCADA systems remain a key target
SCADA systems don’t just control plutonium enrichment centrifuges. They control things as mundane as the hot water boilers in large steam heating systems, the electrical systems of large office buildings, and the telephone switches in hospitals and universities. Many Internet-connected SCADA systems have been left wide open to the world. If the operators of these systems don’t take immediate action to lock down the public Web interface to their SCADA-controlled devices, it could be only a matter of time before someone decides to cause deliberate harm, shutting off a critical system in a time of need.
Continued increase of malicious smart phone applications
The volume of copycat Android malware is increasing rapidly. Today, threats include everything from local scam artists to entire markets hosted on overseas sites. Users will need to exercise extreme caution installing anything onto their smart phones or tablets, especially if they have unlocked or otherwise altered the devices.
Solera Networks Research Lab’s recommended resolutions for 2012:
Solera Networks Research Labs recommends implementing a list of New Year’s internet-related resolutions to protect consumers and businesses. Solera Networks recommends the following security-themed New Year’s resolutions for 2012:
Change your passwords more frequently
Every site or service you use needs to have its own unique password, and each password should meet stringent security standards, including minimum length and a diversity of character types. While the idea of changing them so frequently may seem daunting, it must be done. Fortunately, a number of different technologies and applications can be used to assist in managing these passwords. If available on your laptop, a biometric finger scanner can simplify the process, as can commercially available password management software.
Perform frequent backups
Backups are both a security resolution and a security blanket resolution. Select a large, external hard drive and back up all of your data regularly. Make 2012 the year of 52 weekly backups, with more frequent backups of the most important application data such as email.
Remove bloatware from any computing device as soon as possible
Whether it’s a phone, a computer, or any other device, if it’s loaded with applications that engage in any unwanted or undesirable behavior, remove them. It has become essential that consumers assert their right to total control over any technological device they use, and remove software that proves burdensome, irritating, or intrusive – whether it came pre-installed or not.
Fortify the computing environment
Dig deeply into the settings within both applications and the operating system of your computer with the goal of ensuring that you have done everything possible to lock down the devices. Don’t forget to include the smaller issues like disabling links in Outlook, as well as the major exposure points, like uninstalling vulnerable applications or disabling exploitable browser plugins. Focus on thoroughness as well as execution.
Prepare for swift response
Even if you hold to the resolutions above, new and unknown threats will find their way into your network. Network secruity professionals need to prepare for the unknown and plan for swift incident response. In 2012, resolve to go beyond just reviewing your log files and start recording traffic for key network segments. When something bad happens, you’ll be glad you have a full record of the event in order to uncover the full source and scope of any malicious activity.
About Solera Networks
Award-winning Network Security Analytics solutions from Solera Networks record, classify, index and store network traffic data to provide comprehensive situational awareness of all network events. The technology provides complete, real-time visibility and accurate incident reconstruction, allowing customers to detect and identify the root cause of advanced threats, mitigate the loss of intellectual property and reputational damage, reduce the time to respond and remediate, and minimize exposure to ongoing breaches, protecting critical information assets.
Global 2000 enterprises, cloud service providers and government agencies use Network Security Analytics solutions from Solera Networks to combat today’s increasingly sophisticated and targeted threats. Our clients see everything and know everything, allowing them to identify any and all events that existing toolsets fail to recognize, recover, or reconstruct. For more information on Solera Networks, visit www.soleranetworks.com.
CONTOS DUNNE COMMUNICATIONS
+1 408-776-1400 (o)
+1 408-893-8750 (m)