Six Emerging Threats All Security Professionals Should Prepare For

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
Next Six Emerging Threats All Security Professionals Should Prepare For-7 Next

Hackers can compromise a user's system by getting them to visit a malicious site, which exploits vulnerabilities in the browser or other software. The problem for hackers is getting users to visit those sites, and one way to do that is to compromise legitimate and well-known sites, and then add links from those sites to the malicious destinations. These links give the malicious sites a better "page ranking," making them appear earlier in search engine results.

But there's another way to manipulate search results, and that's connected to the concept of a "filter bubble." Put simply, most search engines filter the results that they provide by looking at a user's search history, if it is available. The purpose is to provide results that are likely to be more relevant to the user.

Search profiles are stored online, indexed by a cookie, and in the future hackers may attempt to enumerate and modify them to change the results a given search brings up. It's already possible to do this; it has been carried out successfully by researchers, according to the report.

Manipulating search profiles in this way can make it more likely that users will be presented with – and thus click on – a malicious link. But it also has another implication: Since the search profile is stored online, any machine accessed by a compromised user may be vulnerable, as their search profile may follow them to any machine they use.

What you can do to mitigate the threat: Train users not to log in to their Google account or any other search engine account when they use the Internet. Clearing browser caches after each session or using Internet Explorer's InPrivate Browsing mode, Firefox's Private Browsing mode or Chrome's Incognito mode may also be helpful.

The security threat landscape changes constantly, with malicious hackers developing new ways to compromise your systems as older vulnerabilities are discovered and patched. So it's important to be aware of the threats to enterprise security that are coming over the horizon and heading this way.

According to Paul Rubens, writing for Enterprise Security Planet, it's a question the Georgia Institute of Technology addresses in its Emerging Cyber Threat Report 2013, in which researchers identify at least six threats that all security professionals should know about.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

IT security careers The Most In-Demand Security Jobs and How to Get Them

Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.