CyberEye

Blog archive
Businessmen looking back toward a storm

Cyber threats of 2013: Look back, not forward

Many threat forecasters focus on what is changing in IT to define the coming threat landscape, but researchers crunching the numbers from eight years of Verizon Data Breach Investigation Reports say the past is a better indicator, and see little change in the future.

“I feel pretty confident that 2013 will be very similar to 2012,” said Wade Baker, managing principal of Verizon’s Research Intelligence Solutions Knowledge (RISK) Team and a principal author of the annual report.

The threat landscape is defined not by emerging technology, but by tried and true techniques that persist from year to year.

That means that the top issues that agencies will continue to see in 2013 will be authentication exploits involving the theft or improper reuse of passwords and other credentials, and Web application exploits, which have been a favorite tool of the hacktivists who target government sites.

Not on the list of likely trouble spots are cloud computing and mobile devices, which are getting a lot of attention in 2013 forecasts. “They are significant changes,” Baker acknowledged. “But I’m not convinced that these infrastructure and device-level changes have demonstrably changed the threat environment yet.”

The Data Breach Incident Reports are annual statistical analyses of information breaches that have been investigated in a number of countries. The most recent report includes information from 855 incidents gathered from the U.S. Secret Service as well as from authorities in Australia, the Netherlands, Ireland, and the United Kingdom.

Which raises the question: Can historical information be used to predict the future? Baker thinks it can, at least for the near-term. The top threats have changed little over the past five years, he said. They might shift in the rankings some, but the mix remains largely the same. “Every year we look at this and we say things are going to change, and they don’t,” he said.

That is not to say there have not been changes over the past eight years. There has been an increase in the use of stolen credentials to exploit authentication systems and a corresponding decrease in the exploitation of vulnerabilities in code. Cybercriminals have become more professional and the exploit tools they use have become commodities, putting more powerful weapons in the hands of non-technical hackers and crooks.

But governments face a different kind of attacker, Baker said. Those who target governments are driven less by profit motive and more by activism and national interests. This means that the most significant threats might not be the most numerous ones. Agencies, along with large corporations with valuable intellectual property, also will continue to be targeted by state-sponsored espionage, which is harder to detect and might not make it onto the radar screen as often.
 
And all of this raises another question: Which is the more significant threat: the numerous ones we know about, or the emerging threats that we don’t know? That won’t be clear until we know what the impact of emerging threats are. Hindsight is always better than forecasts.

Posted by William Jackson on Jan 02, 2013 at 9:39 AM


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.