The recent exposure of 150 million Adobe accounts and the subsequent threat to millions millions more on other platforms due to users’ employing the same passwords has focused attention once again on problems with adequately protecting consumer data.
2013 was punctuated by several other major breaches, including Yahoo! Japan’s exposure of 22 million user IDs, the Evernote affecting 50 million users, and LivingSocial exposing 50 million more account credentials.
Will 2014 be any better? According to predictive analysis by TrendMicro, we should expect on average at least one major data breach incident each month next year.
“2013 altered our sense of scale when it came to the amount of data exposed with each breach. We were shocked when, in previous years, breaches of several million records came to light. In 2013, there were at least three separate breaches that exposed 50 million records,” wrote researcher Mark Nunnikhoven. “In 2014, we could easily see 500 billion data records exposed. The stakes have never been higher.”
As is apparent, attackers will continue to develop new tools to exploit unpatched vulnerabilities, and any organization that maintains large databases of potentially valuable data that can be sold on the black market can be expected to be a target.
“Major incidents like these will continue to ensue in the coming year. Web servers like those involved in the Adobe breach will continue to be targeted. No organization will be safe from data breaches. Someone will always attempt to break in to networks using new tools and by exploiting vulnerabilities,” the company predicts.
Other predictions include:
- Mobile banking will suffer from more MitM attacks
- Cybercriminals will increasingly use targeted-attack-type methodologies along with multiple exploits
- More clickjacking and watering hole attacks, new exploits of choice, and attacks via mobile devices.
- More attacks leveraging vulnerabilities in widely used but unsupported software like Java 6 and Windows XP
- The Deep Web will significantly challenge law enforcement
- Public distrust will ensue resulting in a period of disparate efforts to restore privacy.
Categories: Top Security Stories