We asked security executives and industry analysts to weigh in on what they think were the biggest threats in 2013, and why organizations should care about these possible intrusions. Here are some of the threats they cited.
More Sophisticated DDoS
Attacks continue to become more sophisticated, and that includes advancements in increasing the bandwidth of distributed denial-of-service (DDoS) attacks. The trend has accelerated in recent months, says John South, CSO at Heartland Payment Systems, a large payments processor.
"Prior DDoS attacks leveraged the many thousands of personal computers that a typical botnet herd might utilize for the their attack engine," South says. "However, the huge multiplier in the newer efforts were botnets that consisted of compromised server-class equipment with much more capacity and horsepower."
Where a typical DDoS attack in 2012 might range into 3 or 4 Gbps, South says, the new attacks have bursts of more than 100 Gbps. "Many security professionals designed their DDoS strategies around the lower numbers, thinking that would be sufficient to stem a DDoS threat," he says. "Many institutions have had to rearchitect their network security strategies under the bandwidths that the newer threats pose."
This year saw the continued rise of DoS as a cyber weapon, says Mark Lobel, principal in PricewaterhouseCoopers' advisory practice focusing on security. "The bad actors don't necessarily have to steal your product or service," Lobel says. "They just have to make sure you can't deliver that product or service to your customers, which is a much lower bar than getting in, finding the data and getting away cleanly."
Attack of the Botnets
Associated with DDoS attacks is the "lethality" of the botnets that have been spreading through systems, South says.
"Using phishing techniques that have gained a much higher level of sophistication, they have been able to drop malware onto large numbers of personal and server-class equipment," South says.
Whereas the phishing attempts several years ago might have been replete with spelling and grammar errors, "the phishermen today have upped their social engineering skills and coupled these with much more credible messaging," South says. "Their success in compromising computer systems, and in turn accessing personal identity, credit card and bank account data, is illustrated in the increasing number of account takeovers that were seen in 2013."