How the security threat landscape will evolve this year
by Lamar Bailey - Director of Security Research and Development for nCircle - Wednesday, 16 January 2013.
Where 2012 was a period of great innovation amongst cybercriminals and hackers – many of whom keenly develop new and hybridized attack vectors that build on a constantly expanding range of extensible code environments seen running on Windows and Apple Mac platforms - 2013 is likely to go down in the darkware IT history books as a period of consolidation.

This trend will be driven, we predict, by the not inconsiderable fact that the incredible volume of new security threats seen over the last 12 months will push many of the so-called legacy threats out of the first tier of the attack tables that many IT security applications automatically load into memory.

But 2013 will also, we believe, be marked as a period of adaptive security threats, driven by the continual development of five key areas:

1. Adobe Acrobat and Reader security flaws

2. SQL injection threats

3. Compromised and malicious Web sites

4. Exploit Kits

5. Zero-day Web browser threats.

The four main groups of attackers that will be delivering the main strands of threats will be cyber-criminals, cyber-terrorists, political hacktivists and rogue employees - causing IT security professionals a number of headaches as never before.

All of this, of course, comes against a backdrop of an evolving Internet - using extensible code technologies such as ActiveX, HTML5, JavaScript and good old Multimedia - to introduce malware to the company IT platform and to monetise frauds, steal data, raid company bank accounts and hit corporate reputations where it hurts most: on the bottom line.

Adobe Acrobat and Reader security flaws

The first of our five threats that IT professionals should be on the lookout for in 2013 is the recurrent problem of Adobe Acrobat and Reader security flaws. Although Adobe’s software has been around since the early 1980s, it wasn’t until the company acquired Macromedia in 2005 – when Flash came under Adobe’s wing - that the extensible code threat landscape started to change.

Because much of Adobe's code structures are designed to be executed across multiple platforms, this makes the process of enhancement a tricky one, especially against a backdrop of a constant stream of Patch Tuesdays for Windows - and similar code updates for the Apple Mac and other operating system platforms.

A classic example of this was back in December of 2011 when hackers started tucking into a potentially major Adobe Acrobat and Reader security flaw, with Adobe issuing a warning to its user base about the issue, which affected Adobe Reader X (10.1.1) and earlier versions for Windows and Apple Mac systems, and Adobe Reader 9.4.6 and earlier 9.x versions for Unix, as well as Adobe Acrobat X (10.1.1) and earlier for Windows and Mac machines.

Since the security issue extended to include MS-Office users, the problem – just one of many for Adobe over the last couple of years – was a lot more widespread than many of the other Adobe vulnerabilities reported by security research organisations.

The solution to these vulnerabilities is similar in principle to the advice we give our clients about Java in all its shapes and forms: namely the need to constantly patch – and stay on top of patches – in almost any computing environment.

Whilst Adobe has developed its own strategies to deal with these issues – including that of integrating its own updates alongside Microsoft's Patch Tuesday code releases – there may be an argument not to install an Adobe application unless you actually need the facility.

This is especially true where Web browser clients are involved - and it is worth noting that there are a number of browser extensions and apps designed to easily toggle extensible code environments on – and off again – as and when required.

It is also worth noting that, whilst an Adobe install may be required on your laptop computer, there is rarely a requirement for the same application code to be installed on a server environment.


What's the real cost of a security breach?

The majority of business decision makers admit that their organisation will suffer an information security breach and that the cost of recovery could start from around $1 million.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 11th