When it comes to security, there is no substitute for vigilance.
Cisco today released its annual security report, which doesn’t have much in it that would surprise most IT professionals. What it does confirm is that end users are a lot more gullible than anyone would like to admit and that the bad guys around the globe are making liberal use of pretty rudimentary exploits.
Security professionals need to pay close attention to system logs in order to identify any anomalies, says Mary Landesman, a senior security researcher for Cisco.
That, of course, is roughly the equivalent of looking for the digital needle in the haystack, which is why IT organizations need to think about how they are going to rely more on security automation technologies to identify and remediate security vulnerabilities, said Landesman.
Despite the recent takedowns of some high-profile botnets, Landesman says new botnets will spring up to take their place. So while there has been a recent decrease in the volume of spam, there’s no reason to think that the volume of spam flowing through the Internet won’t be increasing in the near future. And as any security professional will tell you, a large percentage of that spam is carrying malware payloads.
About the only surprising thing in the report is how ZeuS malware is now being converted into a mechanism for stealing financial data. Attack kits have been developed that specifically leverage ZeuS to allow criminals to download large amounts of data. Zeus malware has been widely distributed, but it’s only recently that we’ve begun to see how digital criminals are leveraging it to steal intellectual property.
Longer term, Landesman says it’s clear we’re entering a new phase in the security war that will be characterized by ‘weaponized malware’ such as the Stuxnet Worm that was used to compromise nuclear facilities in Iran. It’s very likely that similar forms of malware will be developed in the near future to attack a wide variety of government and commercial targets.
That may be depressing news to IT organizations that are not looking forward to becoming collateral damage in somebody else’s digital war. But as the saying goes, to be forewarned is to be forearmed.