Six Emerging Threats All Security Professionals Should Prepare For

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
Next Six Emerging Threats All Security Professionals Should Prepare For-7 Next

Hackers can compromise a user's system by getting them to visit a malicious site, which exploits vulnerabilities in the browser or other software. The problem for hackers is getting users to visit those sites, and one way to do that is to compromise legitimate and well-known sites, and then add links from those sites to the malicious destinations. These links give the malicious sites a better "page ranking," making them appear earlier in search engine results.

But there's another way to manipulate search results, and that's connected to the concept of a "filter bubble." Put simply, most search engines filter the results that they provide by looking at a user's search history, if it is available. The purpose is to provide results that are likely to be more relevant to the user.

Search profiles are stored online, indexed by a cookie, and in the future hackers may attempt to enumerate and modify them to change the results a given search brings up. It's already possible to do this; it has been carried out successfully by researchers, according to the report.

Manipulating search profiles in this way can make it more likely that users will be presented with – and thus click on – a malicious link. But it also has another implication: Since the search profile is stored online, any machine accessed by a compromised user may be vulnerable, as their search profile may follow them to any machine they use.

What you can do to mitigate the threat: Train users not to log in to their Google account or any other search engine account when they use the Internet. Clearing browser caches after each session or using Internet Explorer's InPrivate Browsing mode, Firefox's Private Browsing mode or Chrome's Incognito mode may also be helpful.

The security threat landscape changes constantly, with malicious hackers developing new ways to compromise your systems as older vulnerabilities are discovered and patched. So it's important to be aware of the threats to enterprise security that are coming over the horizon and heading this way.

According to Paul Rubens, writing for Enterprise Security Planet, it's a question the Georgia Institute of Technology addresses in its Emerging Cyber Threat Report 2013, in which researchers identify at least six threats that all security professionals should know about.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

PAM PAM Solutions: Critical to Securing Privileged Access

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ...  More >>

Fake news How Can We Fix the Fake News Problem?

Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ...  More >>

blockchain The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ...  More >>

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.