The Internet is slowly changing, and security experts say that today's security issues will continue to be major players in driving that change. Here are four trends that dominated headlines in 2012, and will continue to play a major role in 2013.
The Internet as governmental tool
The collective realization by governments around the world that the Internet is an excellent network for conducting surveillance, monitoring, espionage, and war, says Finnish computer security firm F-Secure's Chief Technical Officer Mikko Hypponen, may not come to full fruition in 2013. But the foundation for that change is already underway.
"There will be more operations along the lines of Olympic Games, also from other sources than US and Israel. Later on, we might look back at these first 20 years of the Web as the Golden Days, when the net was still free," he wrote in an e-mail to CNET. "Olympic Games" is the covert inter-government project that reportedly birthed Stuxnet, Duqu, and Flame.
Information security expert Chris Wysopal agreed that "cyber-warfare" is becoming commonplace. "When there's a political or actual war event, we're seeing cyber-attacks parallel that. It does seem to be more pronounced. It's almost not newsworthy, as if we expect it to happen alongside a political event."
Take that in for a moment. Government-sponsored, computer-based attacks, as "almost not newsworthy," he said.
But just because these attacks are becoming more frequent doesn't mean that they don't stymie security researchers. Tomer Teller, a security evangelist and researcher at Check Point, said that he was surprised this year by the rise of "precision-targeted attacks."
"We saw that with Gauss this year, from the Stuxnet family. It had an encrypted payload, and researchers couldn't decrypt it," Teller said.
Tim Rains, the director of Microsoft's Trustworthy Computing division, pointed out that these governmental actions have consequences beyond the nuclear reactors of Iran and other industrial targets.
"Eighty-five percent of the exploits against operating systems tried to take advantage of one of the vulnerabilities that Stuxnet used. A very small fraction of malware uses "zero-days," so we're seeing commodity malware writers benefits from the research of professionals," he said. "It was a trend in 2012, and we'll continue to see that in the next year."
The Internet as governmental tool
The collective realization by governments around the world that the Internet is an excellent network for conducting surveillance, monitoring, espionage, and war, says Finnish computer security firm F-Secure's Chief Technical Officer Mikko Hypponen, may not come to full fruition in 2013. But the foundation for that change is already underway.
"There will be more operations along the lines of Olympic Games, also from other sources than US and Israel. Later on, we might look back at these first 20 years of the Web as the Golden Days, when the net was still free," he wrote in an e-mail to CNET. "Olympic Games" is the covert inter-government project that reportedly birthed Stuxnet, Duqu, and Flame.
Information security expert Chris Wysopal agreed that "cyber-warfare" is becoming commonplace. "When there's a political or actual war event, we're seeing cyber-attacks parallel that. It does seem to be more pronounced. It's almost not newsworthy, as if we expect it to happen alongside a political event."
Take that in for a moment. Government-sponsored, computer-based attacks, as "almost not newsworthy," he said.
But just because these attacks are becoming more frequent doesn't mean that they don't stymie security researchers. Tomer Teller, a security evangelist and researcher at Check Point, said that he was surprised this year by the rise of "precision-targeted attacks."
"We saw that with Gauss this year, from the Stuxnet family. It had an encrypted payload, and researchers couldn't decrypt it," Teller said.
Tim Rains, the director of Microsoft's Trustworthy Computing division, pointed out that these governmental actions have consequences beyond the nuclear reactors of Iran and other industrial targets.
"Eighty-five percent of the exploits against operating systems tried to take advantage of one of the vulnerabilities that Stuxnet used. A very small fraction of malware uses "zero-days," so we're seeing commodity malware writers benefits from the research of professionals," he said. "It was a trend in 2012, and we'll continue to see that in the next year."
No comments:
Post a Comment