Cybersecurity is now a topic with implications for every major line of business and market segment in the region. Kelly Brazil, Palo Alto Networks' Director of Systems Engineering, Asia Pacific, shares his 13 predictions for cybersecurity, the threat landscape, firewall and mobile security in 2014.
1. Advanced attackers will move to mobile devices. A wave of crimeware and fraud has already begun to target mobile devices, which are ripe targets for new malware and a logical place for new threat vectors. We have witnessed attacks of this kind in Asia Pacific, where malware was used to intercept and hide received text messages, as well as to send text messages in order to sign users up to premium-rate mobile services. The growing popularity of smartphone devices in Asia makes it a perfect target for this kind of attack. In 2014 we will also see mobile platforms being uniquely leveraged by advanced persistent threats (APTs) thanks to the ability to use GPS location to pinpoint individual targets and use cellular connectivity to keep command and control away from enterprise security measures.
2. Detection times will decrease. Enterprise security has undergone a massive transformation since the introduction of the next-generation firewall. This has long since moved from an emerging technology to one that's universally deployed. Newer, advanced security services are letting enterprises gain new advantages in detecting unknown threats and gather that information into a threat intelligence cloud that's developing an impressively high IQ. The net result will be a measurable reduction in the time it takes to detect a breach.
3. Securing the mobile device will be inextricably linked to securing the network. With freedom of choice comes risk. Megatrends like BYOD and the rise of the mobile workforce in Asia, is providing fertile ground for cyber criminals and nation states looking to capitalise on devices operating over unprotected networks. The scales have historically been tipped, leaving enterprises vulnerable to a new breed of advanced threats targeting mobile devices. In 2014, threat intelligence gained within the enterprise network will offer new defence capabilities for mobile devices operating outside protected networks. Intelligence gained by mobile devices will offer new signature capabilities to further strengthen enterprise networks.
4. Financially motivated malware will make a comeback and the lines between APTs and organised crime will blur. Recent headlines relating to the theft of confidential information from Standard Chartered and JPMorgan, serves to underline the vulnerability of banks and financial organisations in Asia and around the world. In 2014, the focus of enterprise security will again be on the attacks where money changes hands. Banking and fraud botnets will continue to be some of the most common types of malware. Meanwhile, attribution of APTs is becoming more of a focus in the industry, which means that more hacker groups will spend more time attempting to cover their tracks and hide any unique identifiers. To do so, they will attempt to imitate, contract with or even infiltrate criminally-focused hacking organisations to provide cover for their operations.
Sign up for CIO Asia eNewsletters.