Experts Predict a Major Data-Destruction Attack for 2014

Websense makes some interesting predictions for next year

By on November 19th, 2013 02:56 GMT

As 2014 approaches, IT security companies have started making predictions for the year to come. Websense has released its 2014 Security Predictions report.

“Bypassing traditional defenses was raised to an art form by cybercriminals in 2013,” noted Charles Renert, vice president of security research for Websense.

“In 2014, cyberattacks will be even more complex and diverse. While the general volume of advanced malware will decrease—we predict the volume of targeted attacks and data destruction incidents will increase. Organizations must up their security game as attackers continue to seek new ways to penetrate traditional defenses at every stage of the threat lifecycle.”

The company predicts, based on real-time telemetry from its ThreatSeeker systems, that the volume of advanced malware will decrease next year. While this might sound like good news, it’s not really so. Cybercriminals will likely turn to more targeted, low-volume attacks to breach organizations’ networks.

Websense also warns that we’ll likely see a major data-destruction attack in which ransomware will play an important part.

As more and more organizations migrate to the cloud, data stored on the local networks will become less interesting in favor of the one stored in the cloud. Cybercriminals will likely come to realize that breaching “the cloud” is more profitable than trying to hack into an on-premise network.

Now that the BlackHole exploit kit is out of the picture, its place will likely be taken by exploit kits such as Neutrino and Redkit.

In 2014, Java will remain highly exploitable and highly exploited, social networks will be increasingly used to lure executives and compromise their organizations, and cybercriminals will turn to targeting consultants, contractors, and vendors when trying to steal sensitive information from corporations and government entities.

The complete Websense 2014 Security Predictions report is available on the company’s website (registration required).

Comments