As we approach the holiday season and reflect on the year, we can review a number of sophisticated cyber attacks during 2013. The year 2013 was a star chamber of victims.
A few themes are emerging.
Attackers are becoming well organized and well funded - New York Times CIO Marc Frons remarked that the SEA is becoming increasingly skilled, comparing its earlier work to knocking over a local savings and loan while its August attacks were more like breaching Fort Knox.
The network perimeter has eroded - Enterprise networks are increasingly complex and intertwined. SEA targeted the Times through a vendor and hit The Washington Post the same way earlier in the year. At the same time, we are each connected with many devices so there are now more attack vectors. Five years ago we connected to our networks through just one device, and now we connect through an average of four a week, giving attackers numerous points of entry.
Traditional security protection is inadequate - In 2013, reports emerged about the ineffectiveness of signature-based malware, a claim supported by the effectiveness of zero day attacks in APTs. Additionally, appliance-based security is not well-positioned to provide security and visibility into mobile devices and employees, evidenced by the success of the Apple watering hole attacks.
There’s a lot of work to do. Next time we’ll talk about some of our predictions for 2014, including why we expect to see more DNS attacks.