McAfee's comprehensive 2014 security report, released at the end of December, goes beyond rehashing the same set of threats in ever-increasing volume to instead reflect the impact of digital currencies, NSA leaks and social media. Going through the report, one thing becomes eminently clear: We are in no way prepared for what's coming in 2014.
I'll cover the report's main elements, but I suggest you read it thoroughly yourself - perhaps after a couple glasses of good brandy.
Expect a Mobile Malware Tsunami
At a McAfee event in 2012, I watched then-CTO Mike Fey demonstrate how to take over an iPhone or Android phone. He actually caused the Android phone to self-destruct by overclocking it to fail remotely.
This was unprecedented. Since then, mobile devices have become even bigger targets. While security has increased from source vendors, it hasn't kept up and, in fact, is falling further and further behind, according to McAfee. The report concludes that attacks will increase sharply in 2014 - particularly those designed to expropriate data without being detected. Such attacks grew a whopping 33 percent in 2013, while PC attacks were flat, showing that malware creators have largely shifted to more-vulnerable mobile operating systems.
Virtual Currencies Will Fuel New Crimes
While the section of the report on virtual currencies focuses on ransomware, there are broader implications to this trend. Virtual currencies are believed to be untraceable - which in theory makes them ideal for funding criminal activities, including blackmail, kidnapping and even assassinations - (though that was recently proven untrue).
According to McAfee's report, we can expect an increase in ransomware, which disables PCs and servers and can be removed only by paying a ransom. The same is true for similar crimes that McAfee doesn't track. Crimes that require a payoff currency source that can't be traced will rise. If you use a digital currency, it may only be a matter of time before law enforcement simply assumes that you're a crook.
Attackers Include U.S. Government, Organized Crime
While the report doesn't focus specifically on the NSA disclosures, it does indicate that governments, including our own, are doing incredibly invasive things that are virtually impossible to detect. Some attacks compromise legitimate applications, making them behave like malware; others go well beyond PCs and smartphones, with targets such as industrial control systems or other systems tied to keeping national infrastructure operating. Both private and public systems are in their crosshairs.
Social Networks, PCs, Servers Increasingly Vulnerable
Social attacks will increase sharply, largely focusing on getting answers to security questions, capturing passwords or committing identity theft. This information will be used to create virtual or real-world crimes against individuals, companies and even governments. Companies, too, are expected to increasingly use this tactic to penetrate competitors to learn about new products, steal ideas, poach employees and otherwise gain strategic and tactical advantages.
Even though, as noted, the volume of attacks on PCs has remained flat, McAfee nonetheless suggests they are becoming far more powerful, with attacks both above and below the operating system. HTML5 is becoming the preferred attack vehicle, as it lets hackers move among platforms and provides an unparalleled opportunity to gain system and information access. These attacks can drift beyond PCs and into mobile systems, below the OS, into storage systems, and even compromise the BIOS - becoming virtually undetectable in the process.
Analytics May Be Only Sustaining Defense - Cloud Providers Won't Help
McAfee suggests that the only sustaining defense will be comprehensive analytics able to detect the penetration before it compromises systems and determine, from company-wide system behavior, that a compromise has occurred by looking across the corporation. The old security solutions simply aren't up to the task, however, and the report says a much more computational, comprehensive approach will be necessary to get ahead of these threats.
While companies may wish to pass the task of worrying about these threats to cloud-based services, these services will become even more attractive targets thanks to rich customer bases and a wealth of content from those customers. Attackers will increasingly focus on breaching hypervisors to gain access to multiple companies at once and achieve criminal rewards that would make a James Bond villain proud. Because many providers lack the leverage to provide security measures in line with corporate needs, the exposures could be catastrophic at a national level.
So ... Who Wants a New Career?
After reading the McAfee report, that's what occurred to me. We're clearly unprepared for the kinds of attacks that are coming. The folks we typically look to help protect us are also penetrating our systems and aren't particularly secure themselves. The one thing that's clear: You sure don't want to do anything to make this worse. That suggests going easy with cloud services or other vendors that don't understand your security needs.
As an IT leader, you may want to suggest that security become a higher priority - not just from survey perspective, but from a funding perspective as well. Not only could your firm be the next Target, the next attack could make the Target attack look trivial by comparison.
Suddenly a job teaching doesn't look so bad. Happy New Year? Yeah, right.
Rob Enderle is president and principal analyst of the Enderle Group. Previously, he was the Senior Research Fellow for Forrester Research and the Giga Information Group. Prior to that he worked for IBM and held positions in Internal Audit, Competitive Analysis, Marketing, Finance and Security. Currently, Enderle writes on emerging technology, security and Linux for a variety of publications and appears on national news TV shows that include CNBC, FOX, Bloomberg and NPR.
Read more about cybercrime in CIO's Cybercrime Drilldown.