Volume and sophistication of attacks to increase
Based on activity levels observed in the second half of 2011, the growing pace, volume and sophistication of attacks suggest consumers, small businesses and corporations will need to grow increasingly vigilant over the next year.
Solera Networks provided five simple activities that, when added to a list of New Year’s resolutions, should prove helpful in protecting Internet users from these threats.
Solera Networks Research Lab’s top five threats for 2012:
Increasing attacks staged through legitimate but compromised sites
From tiny collectives to large organizations, the continued existence of unpatched, vulnerable Web sites are poised to become a substantial problem in the near future. The number of these vulnerable Web sites combined with an abundance of keylogger malware available today suggests a rapidly increasing number of sites will be used to redirect unsuspecting victims to exploit kits.
Scripted exploits targeting vulnerable browser plug-ins
Currently, there is no surefire method for preventing accidental infection of a Windows PC by exploit-kitted Web pages, and in 2012 the number of those infections will grow every day. Heavily-obfuscated Javascript can take control of a PC within minutes and then gain quick access to the user’s passwords. One preventative measure is to use the Firefox browser with NoScript installed. Otherwise, reduce your attack surface: Update Flash, Acrobat, Office, and other vulnerable applications immediately (and regularly), and disable Javascript within your PDF reader application.
Malicious Spam Increases
Malicious spam in 2012 will follow the patterns set in late 2011. Every available delivery method – email, social networks, and IM, as zipped malware attached to the messages, or links to malicious pages – and any other conceivable form is up for grabs: shipping confirmations, missed deliveries, credit warnings and statements, utility bills, complaints to the Better Business Bureau, online order confirmations, bank statements, electronic funds transfer notices and “friend notification” emails from social networking sites. These new and innovative social engineering tactics will ensnare unsuspecting victims with increasingly sophisticated malware.
SCADA systems remain a key target
SCADA systems don’t just control plutonium enrichment centrifuges. They control things as mundane as the hot water boilers in large steam heating systems, the electrical systems of large office buildings, and the telephone switches in hospitals and universities. Many Internet-connected SCADA systems have been left wide open to the world. If the operators of these systems don’t take immediate action to lock down the public Web interface to their SCADA-controlled devices, it could be only a matter of time before someone decides to cause deliberate harm, shutting off a critical system in a time of need.
Continued increase of malicious smart phone applications
The volume of copycat Android malware is increasing rapidly. Today, threats include everything from local scam artists to entire markets hosted on overseas sites. Users will need to exercise extreme caution installing anything onto their smart phones or tablets, especially if they have unlocked or otherwise altered the devices.
Solera Networks Research Labs recommends implementing a list of New Year’s internet-related resolutions to protect consumers and businesses. Solera Networks recommends the following security-themed New Year’s resolutions for 2012:
Change your passwords more frequently
Every site or service you use needs to have its own unique password, and each password should meet stringent security standards, including minimum length and a diversity of character types. While the idea of changing them so frequently may seem daunting, it must be done. Fortunately, a number of different technologies and applications can be used to assist in managing these passwords. If available on your laptop, a biometric finger scanner can simplify the process, as can commercially available password management software.
Perform frequent backups
Backups are both a security resolution and a security blanket resolution. Select a large, external hard drive and back up all of your data regularly. Make 2012 the year of 52 weekly backups, with more frequent backups of the most important application data such as email.
Remove bloatware from any computing device as soon as possible
Whether it’s a phone, a computer, or any other device, if it’s loaded with applications that engage in any unwanted or undesirable behavior, remove them. It has become essential that consumers assert their right to total control over any technological device they use, and remove software that proves burdensome, irritating, or intrusive – whether it came pre-installed or not.
Fortify the computing environment
Dig deeply into the settings within both applications and the operating system of your computer with the goal of ensuring that you have done everything possible to lock down the devices. Don’t forget to include the smaller issues like disabling links in Outlook, as well as the major exposure points, like uninstalling vulnerable applications or disabling exploitable browser plugins. Focus on thoroughness as well as execution.
Prepare for swift response
Even if you hold to the resolutions above, new and unknown threats will find their way into your network. Network security professionals need to prepare for the unknown and plan for swift incident response. In 2012, resolve to go beyond just reviewing your log files and start recording traffic for key network segments. When something bad happens, you’ll be glad you have a full record of the event in order to uncover the full source and scope of any malicious activity.