8/13/2019 The 13 Worst Security Threats of 2013
1/4
1/23/2014 The 13 Worst Security Threats of 2013
http://www.gfi.com/blog/the-13-worst-security-threats-of-2013/
Follow GFI:
HOME ABOUT US TRIALS BLOGROLL VIDEO TOP POSTS CONTACT
The 13 Worst Security Threats of
2013Christina Goggi on December 26, 2013
As2013 draws to a close, itis only natural to take a
moment to look back on the year that was, and
evaluate it for both the ups and the downs. Was
2013 a good year or a bad one? Were there
significant events that will help shape the course of
2014 and beyond, or was it wholly unremarkable and
destined to fade into history? Wiser minds than
mine will have to make that call, and it will likely
vary from one reader to the next, but what we can
do is take a look back at the past year to reminisce
about the worst security threats of 2013.
The philosopher poet George Santayanaoffers us some words of
wisdom that we should all take
to heart.
Those who cannot remember the past are condemned to repeat
it.
By reviewing the major security threats of 2013, perhaps we can
learn a lesson or two, and
avoid repeat performances in 2014. Lets run them down and see
what we can learn.
1. Human nature
First up is morea category of attack than any one specific
event. Phishing attacks target
everyone from your grandmother to your CEO, and unfortunately
for big business, those big
paychecks and stock options dont always indicate a more savvy
understanding of security. A
report recently published in Network Worldindicates that two out
of three security prossurveyed have had to deal with a security
incident that was not publicly disclosed, and that the
majority of those incidents trace back to a senior executive.
These included falling victim to
phishing attacks, permitting family members to access corporate
resources, downloading
malware, and surfing porn. I guess we know why things werent
disclosed.
2. Ransomware
Cryptolocker was the big ki ller malware this year, with the
novel approach of encrypting all of a
victims files and then holding them at ransom. Pay up, and the
victim would be given the
private key to decrypt the files. Hold out, and all that data
would be rendered useless. While
malware has been and always will be a problem, ransomware
highlights the need for both strong
antivirus solutions, and backups of important data that are not
accessible to regular users.
3. State sponsored hacking
There were lots of reports this year of hacking as an organized
activity sponsored by national
governments. Whether from Syria, China, North Korea, or the
United States, it seems that
theres more to be worried about online than Nigerian princes and
tenth graders with too much
time on their hands. State sponsored hacking targeted more than
just key pieces of
infrastructure, with many commercial enterprises finding
themselves targets as part of a larger
plan to disrupt economies.
4. Hactivism
Anonymous, Luzsec, the Syrian Electronic Army and others all
contributed to a rise in hacking to
make a point, aka hactivism. Governments, businesses, and
individuals all found themselves on
the receiving in of digital bit-slaps as hactivists used the
Internet to express their displeasure
with actions, inactions, and public statements.
http://www.networkworld.com/news/2013/110813-senior-executives-blamed-for-a-275779.htmlhttp://en.wikipedia.org/wiki/George_Santayanahttp://landlanss.gfi.com/ebook-first-aid-kit/?adv=13558&loc=1http://www.gfi.com/blog/gfi-patch-central/http://www.gfi.com/blog/videohttp://www.gfi.com/blog/videohttp://www.gfi.com/blog/http://www.gfi.com/blog/about-us/http://www.gfi.com/blog/trials/http://www.gfi.com/blog/links/http://www.gfi.com/blog/video/http://www.gfi.com/blog/top-posts/http://www.gfi.com/blog/contact/http://www.gfi.com/http://facebook.com/gfisoftwarehttp://twitter.com/gfisoftwarehttp://www.linkedin.com/groups?gid=1833394http://feeds.feedburner.com/TalkTechToMe-Allhttp://www.youtube.com/user/gfisoftwarehttps://plus.google.com/114749839406690991336/postshttp://facebook.com/gfisoftwarehttp://twitter.com/gfisoftwarehttp://www.linkedin.com/groups?gid=1833394http://feeds.feedburner.com/TalkTechToMe-Allhttp://www.youtube.com/user/gfisoftwarehttps://plus.google.com/114749839406690991336/postshttp://www.networkworld.com/news/2013/110813-senior-executives-blamed-for-a-275779.htmlhttp://en.wikipedia.org/wiki/George_Santayanahttp://www.gfi.com/blog/author/christina-goggi/http://www.gfi.com/http://www.gfi.com/blog/contact/http://www.gfi.com/blog/top-posts/http://www.gfi.com/blog/video/http://www.gfi.com/blog/links/http://www.gfi.com/blog/trials/http://www.gfi.com/blog/about-us/http://www.gfi.com/blog/http://landlanss.gfi.com/ebook-first-aid-kit/?adv=13558&loc=1http://www.gfi.com/blog/gfi-patch-central/http://www.gfi.com/blog/videohttp://www.gfi.com/blog/https://plus.google.com/114749839406690991336/postshttp://www.youtube.com/user/gfisoftwarehttp://feeds.feedburner.com/TalkTechToMe-Allhttp://www.linkedin.com/groups?gid=1833394http://twitter.com/gfisoftwarehttp://facebook.com/gfisoftware
8/13/2019 The 13 Worst Security Threats of 2013
3/4
1/23/2014 The 13 Worst Security Threats of 2013
http://www.gfi.com/blog/the-13-worst-security-threats-of-2013/
Recent PostsIf youre going to do video content, do it r
ight!
IT administrator, could this blog post change
your life?
IT security: A s mall and medium-sized business
checklist
2014: The year of doing more with web filtering
data? [I nfographic]
Tech ZoneIT administrator, could this blog post change
your life?
13 New Years Resolutions for Every SysAdmin
2013 - The Technology Year in Review
The 13 Worst Security Threats of 2013
Recent CommentsThe Top 20 Free Network Monitoring and
Analysis Tools for Sys Admins
Running XP? Tick-Tock, Youre On the Clock
10 Tips to Enforce Your Online Security
The Top 20 Free Network Monitoring and
Analysis Tools for Sys Admins
Name Required
Email Required
Website
Comment
Leave a Comment
Notify
me of
follow-up
comments
by email.
Notify
me of new
posts by
email.
Christina is Web Marketing Content Specialist at GFI Software.
She is a keen
blogger and has contributed content to several IT sites, besides
working as an
editor and regular contributor to Talk Tech to Me. Christina
also writes for
various publications including the Times of Malta and its
technology supplement.
Tweet 7 14
something stupid, it may be time to pull the cable. Cogent
Healthcare blamed their vendor for
the online exposure of 32,000 patients medical information,
which was conveniently indexed by
Google, but they should take heart. The Internal Revenue Service
posted 100,000 citizens NPI
online for a period of time, setting the bar low indeed.
13. (The lack of) DLP
Finally, the lack of data loss prevention can be a s ignificant
hole in your overall security
posture. Just ask investigators at the New York Medicaid agency,
where an employee emailed
themselves the account NPI of over 17,000 Medicaid recipients.
While DLP should have caught
that, Im amazed that their email system didnt choke on what had
to be a pretty large
attachment!
Whether you would call your own personal 2013 a great year or a
terrible one, a year to fill you
with hope for next year or dread, there are 13 lessons to be
learned from others over the course
of this year. Review the list above, consider your own security,
and work to make 2014 a good
year for you and yours.
About the Author: Christina Goggi
7Like Share 7
http://www.gfi.com/blog/author/christina-goggi/http://www.reddit.com/submithttp://twitter.com/search?q=http%3A%2F%2Fwww.gfi.com%2Fblog%2Fthe-13-worst-security-threats-of-2013%2Fhttps://twitter.com/intent/tweet?original_referer=http%3A%2F%2Fwww.gfi.com%2Fblog%2Fthe-13-worst-security-threats-of-2013%2F&text=The%2013%20Worst%20Security%20Threats%20of%202013%3A&tw_p=tweetbutton&url=http%3A%2F%2Fwww.gfi.com%2Fblog%2Fthe-13-worst-security-threats-of-2013%2F%23.UuCcKWj19KY.twitterhttp://www.gfi.com/blog/the-top-20-free-network-monitoring-and-analysis-tools-for-sys-admins/http://www.gfi.com/blog/10-tips-to-enforce-your-online-security/http://www.gfi.com/blog/running-xp-tick-tock-youre-on-the-clock/http://www.gfi.com/blog/the-top-20-free-network-monitoring-and-analysis-tools-for-sys-admins/http://www.gfi.com/blog/the-13-worst-security-threats-of-2013/http://www.gfi.com/blog/2013-the-technology-year-in-review/http://www.gfi.com/blog/13-new-years-resolutions-for-every-sysadmin/http://www.gfi.com/blog/it-administrator-could-this-blog-post-change-your-life/http://www.gfi.com/blog/2014-the-year-of-doing-more-with-web-filtering-data-infographic/http://www.gfi.com/blog/it-security-a-small-and-medium-sized-business-checklist/http://www.gfi.com/blog/it-administrator-could-this-blog-post-change-your-life/http://www.gfi.com/blog/if-youre-going-to-do-video-content-do-it-right/
