Senior Vice President for Public Sector, McAfee
2010: It’s here already — and, as with every new year, it brings with it lots of promise and, inevitably, a few challenges, too. That’s certainly the case in the area of cybersecurity.
If 2009 was a year in which we saw cybercrime expand as never before, then 2010 looks almost certain to see an increase in threats — especially as related to government networks, social networking sites, banking security, and botnets, as well as attacks targeting users, businesses, and popular applications.
And now for the good news…
While 2010 will see us facing the same level of cyber issues we faced 2009 (albeit with the inevitable new twists), we can also expect to see an increase in the overall effectiveness of government, business and law enforcement — powered by innovative new technologies — to combat cybercrime.
With that dynamic — formidable challenges, but an increasingly powerful arsenal with which to face them — in mind, let’s make a few “predictions” for the new year. After all, anticipating what lies ahead is the first — and most important —n step in achieving success in any challenge.
5 for ’10: Our Top Five Cybersecurity-Related Predictions for the Coming Year
1 — Social networking sites may not relate directly to government agencies, but their widespread use means they “matter” for any enterprise. As such, the most popular mediums, such as Facebook and Twitter, will face more sophisticated threats as the number of users grows. The explosion of applications on these outlets will be an ideal vector for cybercriminals, who will take advantage of friends trusting friends to click links they might otherwise treat cautiously.
2 — The expansion of HTML 5 will blur the line between desktop and online applications. This, along with the release of Google Chrome OS, will create another opportunity for malware writers to prey on users.
3 — Cybercriminals have long picked on Microsoft products due to their popularity. In 2010, we anticipate Adobe software, especially Acrobat Reader and Flash, will take the top spot.
4 — Banking Trojans will become more clever, sometimes interrupting a legitimate transaction to make an unauthorized withdrawal.
5 — Botnets will remain the leading infrastructure for cybercriminals, used for spamming to identity theft. However, recent successes in shutting down botnets will force their controllers to switch to alternate, less vulnerable methods of command, including peer-to-peer setups.
The Federal Angle
We often think of “civilian” applications and “government” applications, but the increasingly seamless nature of the world means the potential fallout of cybercrime knows no borders and does not distinguish between victims.
Given that reality, it is, inevitably, the U.S. government that has the most power to make positive changes — even if the collaborative role of the private sector, especially for technology development, is a vital one.
To that end, the U.S. government would be well served to create an entity that has the ability to transcend corporate competition. This will allow trust to be brokered and ultimately, relationships so the best counsel is provided to the national leadership before, during and after cyber attacks happen.
In addition, our leaders should focus on defining U.S. government cybersecurity standards through collaboration with the private sector, specifying process, performance criteria or functional specifications for best leveraging COTS technologies while not requiring specific products or technologies.
Of course, these aren’t the only measures that can — or should — be taken, but they represent a positive direction and, most importantly, reflect the borderless realities of the world in which we exist.
About McAfee Labs
McAfee Labs is the global research team of McAfee, Inc. With the only research organization devoted to all threat vectors— malware, web, email, network, and vulnerabilities—McAfee Labs gathers intelligence from its millions of sensors and its cloud-based reputation technologies such as Artemis and TrustedSource. McAfee Labs’ 350 multidisciplinary researchers in 30 countries follow the complete range of threats in real time, identifying application vulnerabilities, analyzing and correlating risks, and enabling instant remediation to protect enterprises and the public.
About McAfee, Inc.
McAfee, Inc., headquartered in Santa Clara, California, is the world’s largest dedicated security technology company. McAfee is relentlessly committed to tackling the world’s toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse, and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. www.mcafee.com.