From time to time, I try to share some of our reader feedback via this blog, whether it is positive or negative. As each year draws to a close, our editorial inbox gets bombarded with threat predictions of all kinds for the upcoming year. Some are company-wide predictions, others come from individuals. Rather than trying to report on each set of predictions (and risk the boring our readers through redundancy), one of our news writers took a meta-analysis approach by aggregating the most commonly anticipated threat-related themes he could ferret out from more than 20 different firms.
I won’t list all of the common predictions here, except to say that many of them appear to be ‘no-brainers’ if one pays attention at all to the threat landscape. Besides, you can read them for yourself if you wish.
But one of our readers recently took the time to point out another emerging threat not included on the list. Its novel, from my perspective, because I have not seen someone talk about this out before. That’s not to say that another soothsayer out there has not made a similar prediction or highlighted the problem, but in this season of generosity, allow me to give to our readers yet another prophecy to keep in mind for 2012. This comes from Laz Lazarikos of Silver Tail Systems, who is also the former head of information security for the Sears Online Business Unit:
Hi Drew,
I agree that mobile malware, APTs, wikileaks types of attacks and others will gain more momentum in 2012. However, there is one specific kind of threat that is missing from this list – one which I believe is quickly becoming a target for cybercriminals and most organizations are not prepared to offset attacks in this area.
The Nagivation Layer of websites is one that has remained largely unprotected, and criminals are now starting to take advantage. In fact, cybercriminals today are perpetrating a variety of attacks that either steal data, disrupt service, or cause other types of mayhem on the Navigation Layer of websites. We have found that the traditional detection and mitigation tools (deep authentication, transaction risk modeling, IDS/IPS, WAFs, firewalls, link analysis, etc.) all remain critical pieces for organizations to have in place; however, new approaches that focus on the Navigation Layer such as malware signature and behavioral anomaly detection provide far greater insight into the most devastating web-based attacks of today as well as the emerging threats of tomorrow.
This is exactly why monitoring the Navigation Layer – which includes all behavior on a website and may be referred to as a clickstream – is so important. Traditional approaches that leverage deep-authentication of users, transaction risk modeling, link analysis, event correlation, IDS/IPS monitoring, are still critical to have in place.
Moreover, criminals are continually changing their attack strategies and developing new methods of exploiting website functionality. Keeping detection systems up-to-date with the latest attack vectors is incredibly challenging. 2011's frequent data breaches and compromised systems across a wide range of public and private organizations underscores the need for robust systems of monitoring and detecting web traffic/web session patterns."
Laz Lazarikos, director of strategy, SilverTail Systems
As always, Laz, we appreciate your input on the content of our news items. To my knowledge, this is not something we came across in our collection of threat predictions for 2012, so I would like to thank you for putting this on our radar. I encourage you, and all of our readers, to pass along any information that would benefit the industry and its practitioners.
And as a final parting shot, don’t feel you all need to wait until December to send us your analyses and prognostications. We do man these posts the other 11 months of the year ;)
Merry Christmas, Happy Holidays, and best of luck in the New Year to you all!