Former NSA technology boss Prescott Winter has a word for the kind of security he sees even at large, technologically sophisticated companies: Appalling. Companies large enough to afford good security remain vulnerable to hackers, malware and criminals because they tend to throw technological solutions at potential areas of risk rather than focusing on specific and immediate threats, Winter said during his keynote speech Oct. 1 at the Splunk Worldwide User’s Conference in Las Vegas.
‘As we look at the situation in the security arena we see an awful lot of big companies – Fortune 100-level companies – with, to be perfectly candid, appalling security. They have fundamentally no idea what they’re doing,’ Winter said, according to a story in U.K. tech-news site Computing.
During almost 28 years at the National Security Agency (NSA), Winter established the spy agency’s Technology Directorate and served as the agency’s first CTO. He also held positions as the NSA’s CIO, its deputy chief of Defensive Information Operations and, oddly, as chief of Customer Response. He is currently managing director of Chertoff Group, the strategic management and security consultancy established by Michael Chertoff, secretary of the Dept. of Homeland Security under Pres. George W. Bush and co-author of the USA Patriot Act.
PWC has published the results of its Information Security survey. Their interactive data exploration tool lets you personally select criteria and explore the data for several key questions.
With this tool, you can interact and engage with the data. You have control. Build your own data charts. Share them with colleagues and friends, or print them out for further use. And be sure to download The Global State of Information Security® Survey 2014 in its entirety to see all the results. Access the survey tool here.
The Emerging Cyber Threat Landscape
A new report by the EU’s cyber security agency, ENISA, has resulted in calls for cloud security to be bolstered after analysing the ways in which cyber criminals are likely to make use of the new data-storage platform to carry out their attacks.
The study, entitled ‘Threat Landscape: Responding to the Evolving Threat Environment’, identifies and lists the top threats and their trends, and concludes that drive-by exploits have become the top web threat.
The ENISA report identifies the following top cyber threats:
- Drive-by exploits
- Code injection attacks
- Exploit kits
- Denial of Service
- Compromising confidential information
- Targeted attacks
- Physical theft/damage/loss
- Identity theft
- Abuse of information leakage
- Search engine poisoning
- Rogue certificates
The report also describes the following threat agents:
- Corporations. This kind of threat refers to corporations/organizations/enterprises that adopt and/or are engaged in offensive tactics. Corporations can be considered hostile threat agents; their motivation is to build competitive advantage over competitors, who also make up their main target. Depending on their size and sector, corporations usually possess significant capabilities, ranging from technology up to human engineering intelligence, especially in their area of expertise.
- Cybercriminals. Cybercriminals are hostile by nature. Moreover, their motivation is financial gain and their skill level is, nowadays, quite high. Cybercriminals can be organized on a local, national or even international level. It should be taken as given, that a certain degree of networking between cybercriminals is being maintained.
- Employees. This category refers to the staff, contractors, operational staff or security guards of a company. They can have insider access to the company’s resources and they are considered as both non-hostile threat agents (i.e. distracted employees) as well as hostile ones (i.e. disgruntled employees). This kind of threat agent possesses a significant amount of knowledge that allows them to mount effective attacks against assets of their organization.
- Hacktivists. Hacktivism is a new trend in threat agents. Hacktivists are politically and socially motivated individuals that use computer systems in order to protest and promote their cause. Moreover, they are usually targeting high profile websites, corporations, intelligence agencies and military institutions.
- Nation States. Nation states can have offensive cyber capabilities and could potentially use them against an adversary. By their very nature and due to the importance of the means at their disposal, Nation States may present a threat in the area of cyber warfare.
- Terrorists. Terrorists have expanded their activities and also engage in cyber-attacks. Their motivation can be political or religious and their capability varies from low to high. Preferred targets of cyber terrorists are mostly critical infrastructures (e.g. public health, energy production, telecommunication etc.), as their failure causes severe impact in society and government. It has to be noted that, in the public material analysed, the profile of cyber terrorists still seems to be blurry.
Mobile computing and social technology are among the top emerging areas likely to be targeted by attacks. The emerging areas are:
- Mobile Computing: Covering several aspects of Consumerization of IT, BYOD (Bring Your Own Device) and mobile services, such as social networking, business applications and data, use of cloud services, interpersonal communication, voice, video, etc.
- Social Technology: Use of social media is one of the main activities performed by private users. Moreover, social networking plays an increasingly significant role in businesses.
- Critical Infrastructures: This is an area that is definitely going to attract threat agents, as the impact of such an attack is big at all levels (society, government, national security, etc.).
- Trust Infrastructure: Attacks on the trust infrastructure break the chains of trust and generate very serious impact at many levels and application areas. Success of such attacks allows attackers to greatly enlarge their attack surfaces and targets.
- Cloud Computing: The proliferation of cloud computing and the sheer concentration of users and data on rather few logical locations are definitely an attractive target for future attacks.
- Big Data: Use of big data within businesses but also for the enhancement of security is already in discussion. On the other hand it is also expected that attackers are going to abuse big data in order to enhance their capabilities, collect intelligence, but also to better hide their attacks.