Top Security Threats for 2013

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
Next Top Security Threats for 2013-4 Next

MD5 and other weak encryption algorithms will cause breaches. Statistical data gathered by Venafi indicates that nearly all Global 2000 organizations have deployed weak, easily hacked, MD5-signed certificates in their environments. MD5 is the broken certificate-signing algorithm used by Microsoft that allowed hackers to bypass Microsoft security and infect thousands of computers with Flame malware. Once in place, Flame was able to gather sensitive information from the targeted devices. With nearly one out of five certificates deployed across the Global 2000 still using MD5, it is highly probable that related breaches will continue. 

Venafi, a market leader in enterprise key and certificate management (EKCM) solutions, recently released its cybersecurity and vulnerability predictions for 2013. At the top of its predictions list is that organized cyber criminals and hackers will leverage digital-certificate-based attacks to infect enterprise IT systems with state-developed malware such as Flame and Stuxnet. The results will impact business operations adversely, and could lead to data breaches and brand damage. 

"Many pundits, leading media outlets and even some security experts are reporting that enterprises needn't be overly concerned about Flame and Stuxnet-style malware, citing the fact that they were executed by well-funded government intelligence and military groups whose targets were hostile nation-states and not businesses," said Venafi CEO Jeff Hudson. "However, our view is that companies should be concerned, as the tools and techniques used to execute these types of attacks are, unfortunately, now in the hands of common criminals and rogue entities. In the coming year, such attacks are likely to increase, especially against enterprises, and are likely to result in major data breaches, unplanned outages and significant disruptions to businesses."

Venafi bases its predictions on hard evidence, not conjecture. In 2012, Chevron (No. 3 in the Fortune 500 rankings) admitted that it had found the Stuxnet malware in its systems. Chevron has since publicly stated that it does not believe the U.S. government realizes how far and wide the malware has spread. Although reports indicate that the incident did not cause damage or result in data loss, it proves that digital-certificate-based attacks are no longer hypothetical or confined to state vs. state cyber war scenarios.

In addition to predicting increased trends in enterprise attacks, Venafi has also researched the overall enterprise security landscape and developed a number of other predictions highlighted in this slideshow.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

IT security careers The Most In-Demand Security Jobs and How to Get Them

Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ...  More >>

142x105itbeusasecurity2.jpg 9 Predictions for Cybersecurity’s Role in Government and Politics in 2017

Experts predict how cybersecurity will affect and involve our government, policies and politics in 2017. ...  More >>

Shadow IT Security How Risky Behaviors Hurt Shadow IT Security

Examine some of the concerns involving shadow IT security and some of the riskiest behaviors, applications and devices. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.