Cybersecurity in 2014: A roundup of predictions

Summary: Hackers, hacktivists and cyber-warriors all hit the headlines in 2013, and will undoubtedly do so again in 2014. Here's an analysis of what the experts at seven security vendors think will happen in the coming year.

One of the many signs that the year is drawing to a close is the appearance of predictions for the coming 12 months by security vendors and analysts. In a year that saw major stories such as the Snowden revelations and Adobe's massive data breach, the current state of organisations' cyberdefences, and experts' views on what they're likely to face in the future, are more pertinent than ever.

The current state of organisations' cyberdefences is the subject of a recent study by risk analysis firm BitSight, which evaluated security ratings for over 70 Fortune 200 companies in four industries — finance, retail, energy and technology. BitSight's ratings are based on 'big data' analysis of observed security incidents, including communication with known command-and-control servers, spam propagation and malware distribution. The study's headline findings are summarised in this chart:

Average security ratings for Fortune 200 companies in four industry sectors — Finance, Retail, Energy and Technology. (Source: BitSight Technologies)

The finance industry's leadership in security effectiveness reflects its position as a major target for cybercriminals, but the technology sector's consistently low ranking is something of a surprise — although it's amply demonstrated by the aforementioned Adobe breach. Also noticeable is an across-the-board dip in security effectiveness in April/May 2013, which BitSight attributes to a significant increase in new attacks at that time. So much for last year: but how is the arms race between the black hats and the white hats likely to develop in 2014?

2014 cybersecurity predictions

We've collated the 2014 cybersecurity predictions from seven vendors — FireEye, Fortinet, Lancope, Neohapsis, Symantec, Websense and Zscaler. Here's what the crystal-ball-gazers are saying in these organisations:


FireEye
  • Sophisticated threat actors will continue to hide behind traditional mass-market crimeware tools to make identification and attribution hard for network defenders
  • More attack binaries will use stolen or valid code signatures
  • Mobile malware will further complicate the threat landscape
  • Java zero-day exploits may be less prevalent
  • Browser-based vulnerabilities may be more common
  • Malware authors will adopt stealthier techniques for command-and-control (CnC) communications
  • Watering-hole attacks and social media targeting will increasingly supplant spear-phishing emails
  • More malware will fill the supply chain. Expect more malicious code in BIOS and firmware updates
  • New heap-spray techniques will emerge because of Adobe Flash's 'click to play' mitigation (requiring user interaction to execute potentially malicious Flash content)
  • Attackers will find more ways to defeat automated (sandbox) analysis systems, such as triggering on reboots, mouse clicks, applications closing and so on
  • More crimeware will destroy the operating systems (OSs) of targeted systems as a last step of an attack
  • More 'digital quartermasters' behind targeted attack campaigns. In other words, Sunshop DQ is only the beginning
  • With increasing collaboration between targeted organizations around the globe, we will see cybercrime gangs identified and shut down, thanks to clues that tie separate attacks to common campaigns and threat actors
  • Cybercrime gets personal
  • We expect the time to detect advanced malware to increase

More details on FireEye's 2014 predictions


Fortinet
  • Android Malware Expands to Industrial Control Systems, and Internet of Things
  • Encryption Won't Change, but Use of Encryption Will Increase
  • FBI in Conjunction with Global Cyber Security Agencies to Shut Down Botnet Operators
  • The Battle for the Deep Web
  • New Exploits Target Off-Net Devices to Penetrate Corporate Resources
  • Network Security Vendors Forced to Become More Transparent
  • More Botnets Will Migrate From Traditional Command and Control (CnC) Servers to Peer-to-Peer (P2P) Networks 
  • More Botnets Will Cross Breed with Other Botnets
  • Increase in attacks targeting Windows XP
  • Biometrics for authentication will increase

More details on Fortinet's 2014 predictions


Lancope
  • Incident response finally matures to a business process
  • Software-Defined Networking (SDN) and the adaptive perimeter
  • Increase in two-factor authentication
  • The 'Internet of Everything' requires the 'Security of Everything'
  • Physical authenticity weakens with 3D printing
  • Tracking devices

More details on Lancope's 2014 predictions


Neohapsis
  • We'll see a cyberwar redux 
  • The cloud will begin to show its unseen costs
  • Privacy will continue to lose out to opposing parties in US Legislature
  • The Internet governance battle will continue
  • DDoS will get sneaky
  • Encryption technologies will undergo increased scrutiny
  • A foreign power or organized cybercrime group will have breached a mid-sized or municipal utility for a long period
  • Legacy problems will escalate

More details on Neohapsis' 2014 predictions


Symantec
  • People will finally begin taking active steps to keep their information private
  • Scammers, data collectors and cybercriminals will not ignore any social network, no matter how 'niche' or obscure
  • The 'Internet of Things' becomes the 'Internet of Vulnerabilities'
  • Mobile apps will prove that you can like yourself too much

More details on Symantec's 2014 predictions


Websense
  • Advanced malware volume will decrease
  • A major data-destruction attack will happen
  • Attackers will be more interested in cloud data than your network
  • Redkit, Neutrino and other exploit kits will struggle for power
  • Java will remain highly exploitable and highly exploited — with expanded repercussions
  • Attackers will increasingly lure executives and compromise organizations via professional social networks
  • Cybercriminals will target the weakest links in the 'data-exchange chain'
  • Mistakes will be made in 'offensive' security due to misattribution of an attack's source

More details on Websense's 2014 predictions


Zscaler
  • What's in a Name? The Importance of DNS
  • The Tangled Web: SSL Encryption
  • BYOD Represents the Weakest Link
  • MPLS Goes Hybrid Cloud: Network-Delivered Security
  • Attacks on the Internet of Things

More details on Zscaler's 2014 predictions


Key themes

In order to extract some pattern from the 50-plus predictions listed above, we assigned them to various categories and graphed their frequency:

Predictions from seven security vendors (FireEye, Fortinet, Lancope, Neohapsis, Symantec, Websense and Zscaler), categorised and graphed by frequency. (Image: Charles McLellan/ZDNet)

Top of the list, with seven related predictions, is one of 2013's favourite buzz-phrases: the Internet of Things, or IoT. If 2013 was the year that the idea of the IoT (and many practical applications) went mainstream, then 2014 is likely to be the year when the security implications of equipping all manner of 'things' — from domestic refrigerators to key components of critical national infrastructure — with sensors and internet connections begin to hit home.

The next most populous categories, each with five predictions, are 'cyberdefence evasion' and 'network architecture', which take us into the heart of the arms race between the bad guys and the good guys. New cyberdefence evasion techniques flagged up by the experts include the use of stolen or valid code signatures to hide malware, and the development of ways to defeat automated 'sandbox' malware analysis systems. Meanwhile, network architecture-related predictions for 2014 include attacks on organisations' cloud-based data and the use of software-defined networking (SDN) to deliver "an adaptive perimeter or intelligence-based enclaves that are dynamic and both serving to the business needs as well as defensive against advanced threats" (Lancope).

The next four categories each have four predictions, and cover the use of crimeware toolkits such as Blackhole and its successors, more co-operation and collaboration among targeted organisations and cyberdefence agencies, the rise of mobile malware (particularly for the Android OS) and attacks based on social engineering or the use of social media.

Looking down the list of predictions, it's quite clear that today's threat landscape is becoming more of a threat vista, encompassing an increasing range of potential vulnerabilities and demanding an appropriately sophisticated response by those charged with cyberdefence — whether at the family, organisation or national level. The days of setting and forgetting a firewall and some antivirus software are well and truly over.

About

Charles has been in tech publishing since the late 1980s, starting with Reed's Practical Computing, then moving to Ziff-Davis to help launch the UK version of PC Magazine in 1992. ZDNet came looking for a Reviews Editor in 2000, and he's been here ever since.

Talkback

5 comments
  • Did I miss something?

    Are you only listing the malware created by the NSA, CIA and FBI, etc?

    Why not take all the Gov't spyware out of Windows 7 and 8?

    That would cut down on Gov't sponsored crime considerably

    How about shutting down the Pirate Bay to eliminate all the Gov't backdoors inserted into the keygens and software targeting those not using Windows Spyware platforms 7 and 8?

    They only work with XP anyway!

    How about getting rid of CryptoLocker which also appears to be Gov't sponsored as it is only found at "Morally" questionable porn sites and not the mainstream "acceptable" porn sites

    Looks like a Gov't scare tactic to me

    Why doesn't Microsoft and Semantic take down the Gov't sponsored malware and botnets instead of only targeting the competition?

    How come Google can't find the illicit pornsites and block them when they appear to be Gov't sponsored Honeypots where the content never changes year after year?

    What the Hell is wrong with you people?

    WAKE UP!
    OutOfBoxExperience
  • HEY! I'm talkin ta YOU!!

    How come you can block every form of Gov't malware and eliminate CryptoLocker with a simple reboot using Driveshield with an illicit copy of Windows XP-SP2 without ANY Microsoft updates but you are not allowed to protect a fully updated and Legally obtained copy of Windows 7 or 8?

    How come you can block EVERY SINGLE Microsoft component from accessing the Internet with non-licenced copies of XP-SP2 but not with SP3 or Microsoft Defender installed as they seem to backdoor your firewall?

    Firefox and STEAM still work fine with all the Microsoft components blocked by the way

    How come?

    How come Microsoft tracks everything you install with Windows Spyware Platform 7 and 8 and prevents you from running "Several" XP programs for absolutely no reason?

    What the Hell is Wrong with you?

    WAKE UP!!!
    OutOfBoxExperience
    • Microsoft is Directly Liable

      Microsoft and the Federal Gov't are DIRECTLY Liable for damages incurred by malware that could EASILY be stopped by even an Illicit copy of XP-SP2 with an aftermarket firewall, a free antivirus and a copy of Driveshield but you are prevented from stopping with Windows 7 and 8

      The Gov't backs Microsoft in Court case after Court case only because the Federal Gov't is the beneficiary of the backdoored Spyware Platforms called Windows 7 and 8

      Screw that!

      You are directly liable regardless of what your bogus Courts say!

      YOU HEAR ME PUNKS?
      OutOfBoxExperience
    • Sorry: Correction!

      Sorry, I meant Microsoft Security Essentials and not Defender in the above post!

      It is Security Essentials that backdoored my firewall during testing and updated just fine even though it was blocked from accessing the Internet in my firewall
      OutOfBoxExperience
  • Fed vs Private Sector?

    The relationship between the private sector and federal government in terms of cyber security will be very interesting to watch over the next few years. I think you would be hard pressed to argue that the government will not have some direct intervention into cyber security programs or at least the auditing of them.

    Best practices in this field are often hard to identify. I would encourage you to read how companies like OPSWAT are advocating the use of multi-scanning and the higher detection rates that accompany such a method
    TheSource49