Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

What's Your 2009 Threat Prediction for the New Year?

Published: 2009-01-01
Last Updated: 2009-01-02 18:24:14 UTC
by Lorna Hutcheson (Version: 4)
0 comment(s)

It's hard to believe that 2009 is already here.  It hardly seems possible.  I have, as I'm sure most of you have as well, been doing a lot of thinking about what the New Year will bring.  What will be the new threat for the security professional in the upcoming year?  The SSL MD5 issue is one that will surely make the new year interesting.  I know that you're supposed to bring the New Year in with a bang, but that is certainly one we could have all done without.   

SANS Technology Institute has posted a nice compilation of what challenges the security community will face.  I would like to focus this compilation on what you think the threat will be.  Coming from a military background, I hold to the belief that you have to know your enemy and the tactics they will use.  You cannot defend against what you don't know and you can't afford to sit idle till something happens. 

I'll start first will a couple of predictions for 2009.  I believe we will continue to see an increase in targeted attacks.  It has proven too lucrative, to the attackers, to get and keep a foothold in an organization.    I think the delivery mechanism of the targeted attacks (usually via email) will have to be adjusted since people are becoming more aware and technology to filter email is getting better.  I also believe that we will start to see more of a convergence of threats/attacks in the cyber world and their impact with the real world.   We are networking everything and that is not going to be without ramifications.  I have a presentation on the concept I did at SANSFire a couple of years ago if anyone is interested.

If you're willing to drop us a note with your threat predictions for 2009, please do.  We'll compile them and post those we receive permission to post.  It'll be interesting to see what everyone thinks 2009 will bring!


Happy New Year Everyone!

 

UPDATE:  Kelvin wrote in with this interesting threat perspective:

  "With the economic meltdown and high unemployment rates, surely will see an escalation of internal attacks coming from disgruntle employees." 

I hadn't really thought about an increase in the insider threat.  Disgruntled or even those who are under financial strain may indeed cause a rise of
insider attacks.

 

UPDATE:   James sent us the following:

  "I expect and pray for the following:

No viruses at all and all the script kiddies to work for the common good.

I am preparing for 6 major Internet outages, a dozen new major virii, a major hack into the nationgs power grid...

I am most concerned about more social engineering and wireless communication hacks."

 

UPDATE:  Donald Smith, a fellow handler, provided these thoughts: 

"Watch for a LARGE rise in work from home scams.
With a large unemployment base of professionals many will want to try one of the various work from home schemes. While a few of those are legitimate most are MULE or sell our work from home plans.


Disgruntled employees may increase slightly however most people with a job won't want to do anything to jeopardize it or make future employment difficult.

Now disgruntled EX-employees may rise with the unemployment rate. They can do a lot of damage even if they are no longer an "insider" especially if they know how things work at their old company;)

Tax and refund scams will rise due to the "homeowner" bailout plan. Since it is new it will be ripe for abuse esp social engineering.

I expect to see lots of network and network element vulnerabilities (such as the DNS one or the PKI md5 certs one just announced). Tools to discover these types of things have been getting better and better AND the market for such things had developed into a fairly solid model (there is money in finding things like this:)

I expect old school defacements (for bragging rights) to dwindle further as that has become a useful skill for the drive by install and scareware industry. (antivirus 2009 and similar stuff)."

 

Keywords:
0 comment(s)
Diary Archives