Six Emerging Threats All Security Professionals Should Prepare For

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
Next Six Emerging Threats All Security Professionals Should Prepare For-7 Next

Hackers can compromise a user's system by getting them to visit a malicious site, which exploits vulnerabilities in the browser or other software. The problem for hackers is getting users to visit those sites, and one way to do that is to compromise legitimate and well-known sites, and then add links from those sites to the malicious destinations. These links give the malicious sites a better "page ranking," making them appear earlier in search engine results.

But there's another way to manipulate search results, and that's connected to the concept of a "filter bubble." Put simply, most search engines filter the results that they provide by looking at a user's search history, if it is available. The purpose is to provide results that are likely to be more relevant to the user.

Search profiles are stored online, indexed by a cookie, and in the future hackers may attempt to enumerate and modify them to change the results a given search brings up. It's already possible to do this; it has been carried out successfully by researchers, according to the report.

Manipulating search profiles in this way can make it more likely that users will be presented with – and thus click on – a malicious link. But it also has another implication: Since the search profile is stored online, any machine accessed by a compromised user may be vulnerable, as their search profile may follow them to any machine they use.

What you can do to mitigate the threat: Train users not to log in to their Google account or any other search engine account when they use the Internet. Clearing browser caches after each session or using Internet Explorer's InPrivate Browsing mode, Firefox's Private Browsing mode or Chrome's Incognito mode may also be helpful.

The security threat landscape changes constantly, with malicious hackers developing new ways to compromise your systems as older vulnerabilities are discovered and patched. So it's important to be aware of the threats to enterprise security that are coming over the horizon and heading this way.

According to Paul Rubens, writing for Enterprise Security Planet, it's a question the Georgia Institute of Technology addresses in its Emerging Cyber Threat Report 2013, in which researchers identify at least six threats that all security professionals should know about.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

Social14-190x128.jpg 10 Ways to Improve Your Social Media Security Policy and Posture

When phone calls, video conference information, pictures, chat logs, etc. are all stored in a central location via social media, a potential hacker has access to just about everything, quickly and easily. ...  More >>

Security120-290x195 5 DDoS Myths Debunked

Unearth the real story behind five commonly held myths about distributed denial-of-service attacks. ...  More >>

Security119-190x128 8 Tips for Ensuring Employee Security Compliance

IT security ultimately depends on making sure employees use the appropriate tools and comply with policies designed to protect them and their data/applications. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.