As part of its annual evaluation of evolving security trends, McAfee Labs has put together a list of 10 threat predictions for enterprise IT in the year ahead. I received a copy of the list via email from McAfee, which I promptly scrutinized for tips that may be relevant to small and mid-sized businesses.
Well, I've highlighted a couple of security threats that I feel pertain to SMBs - together with some suggestions for how system administrators may want to defend their organizations.
Traditional spam will go "legit"; spear phishing will evolve into targeted messaging attacks.
McAfee Labs says that while it has seen a drop in global spam volumes in the past two years, legitimate advertisers are picking up where the spammers left off by using the same spamming techniques. These range from purchasing email lists of users who have ostensibly consented to receive advertising to purchasing the databases of companies that are going out of business. McAfee says this type of spam will grow at a faster rate than phishing and confidence scams. Another popular technique is snowshoe spamming, which entails using a wide array of IP addresses to spread out the spam load and make it harder for spam filters to identify and stop it.
SMBs need to understand that these increasingly sophisticated techniques mean that conventional signature-based or even heuristic spam filtering engines will catch less spam than before. One possible defense would be to rely on cloud-based solutions that are able to aggregate data from a much larger pool of email messages to more accurately identify spam. Moreover, the increase in spear phishing - a problem that doesn't lend itself to a pure technology solution - means that the best defense against it ultimately goes back to effective employee education.
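To illustrate why per-sender volume checks miss snowshoe spam while aggregating over a larger pool of messages catches it, here is an added example (not from McAfee or the original post). The thresholds, function names and sample mail are assumptions constructed for illustration.

```python
import hashlib
import ipaddress
import re
from collections import Counter, defaultdict

PER_IP_LIMIT = 5   # assumed: messages per sender IP before a volume filter reacts
MIN_SOURCES = 8    # assumed: distinct IPs sharing one body before we flag a campaign

def fingerprint(body):
    """Hash the body after masking URLs, digits and whitespace differences."""
    norm = re.sub(r"https?://\S+", "URL", body.lower())
    norm = re.sub(r"\d+", "N", norm)
    norm = re.sub(r"\s+", " ", norm).strip()
    return hashlib.sha256(norm.encode()).hexdigest()[:16]

def per_ip_flagged(messages):
    """Conventional view: flag only senders exceeding a per-IP volume limit."""
    counts = Counter(ip for ip, _ in messages)
    return {ip for ip, n in counts.items() if n > PER_IP_LIMIT}

def snowshoe_campaigns(messages):
    """Aggregated view: one message body arriving from many low-volume IPs."""
    sources = defaultdict(set)
    for ip, body in messages:
        sources[fingerprint(body)].add(ip)
    campaigns = {}
    for fp, ips in sources.items():
        if len(ips) >= MIN_SOURCES:
            nets = {str(ipaddress.ip_network(f"{ip}/24", strict=False)) for ip in ips}
            campaigns[fp] = {"ips": len(ips), "networks": sorted(nets)}
    return campaigns

def sample_messages():
    """Constructed sample mail using documentation-only IP ranges."""
    msgs = []
    for i in range(1, 13):  # 12 sender IPs, 2 near-identical messages each
        net = "198.51.100" if i % 2 else "203.0.113"
        for k in range(2):
            body = f"Deal #{i * 10 + k}! Save 40% today: http://example.test/o/{i}{k}"
            msgs.append((f"{net}.{i}", body))
    msgs += [("192.0.2.10", "Minutes from Tuesday's meeting attached."),
             ("192.0.2.10", "Invoice 1182 for your records."),
             ("192.0.2.11", "Lunch on Friday?")]
    return msgs

if __name__ == "__main__":
    mail = sample_messages()
    print("per-IP volume filter flags:", per_ip_flagged(mail))
    print("aggregated campaigns:", snowshoe_campaigns(mail))
```

No single sender exceeds the per-IP limit, yet grouping by normalized content exposes one campaign spread across two /24 networks.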
Mobile botnets and rootkits will mature and converge.
To combat increasingly sophisticated threats against mobile users such as mobile botnets and rootkits, McAfee suggests that organizations develop new mobile access and security policies. Of course, the number of threats targeting mobile devices is still minuscule compared to other security vectors. Consider the amount of information stored on mobile devices, however, and the fact that they are not typically protected behind the corporate firewall, and the equation changes drastically.
With the trend of BYOD (Bring Your Own Device) expected to increase in 2012, I would strongly urge SMBs to take a hands-on approach to mobile devices. Indeed, it would probably be better to start developing and implementing guidelines and policies - which can be tweaked along the way - than to wait for a serious security breach before reacting.