What will the New Year hold? An increase in cyber-espionage, according to industry security experts. 2011 saw the creation of the Stuxnet malware, which was intended to disrupt Iran’s nuclear program. Then came the highly-sophisticated Duqu worm, which Jeff Hudson, CEO of Venafi, believes “will cause mayhem in early 2012,” reports PCWorld.
Several countries, including the Unites States, have created specialized teams and centers to defend against cyber attack. But retaliation is complicated by the fact that is often impossible to determine who is behind the attack.
While high-profile malware like Stuxnet and Duqu may very well lead to “mayhem,” companies and governments should not lose focus on cyber-espionage attacks that use simpler data exfiltration tools, known as Advanced Persistent Threats (APTs). Operation Aurora, Shady RAT, GhostNet, Night Dragon, and Nitro are just some examples of APTs that were discovered in 2011, notes Siliconindia.com.
Protection against APTs is difficult due to the human factor, says Rik Ferguson, director of security research and communication at security firm Trend Micro:
People still represent the weakest link in security for a large amount of enterprises and that is the reason they are targeted … Training still has an important place in an organization’s security planning but it needs to be ongoing training, not a one-time only event.
No doubt, 2012 will see even more APTs. Says Hudson:
If this issue isn’t on the agenda of your board right now then the board is negligent.