8/13/2019 The 13 Worst Security Threats of 2013
1/23/2014 The 13 Worst Security Threats of 2013
http://www.gfi.com/blog/the-13-worst-security-threats-of-2013/
The 13 Worst Security Threats of 2013
Christina Goggi on December 26, 2013
As 2013 draws to a close, it is only natural to take a
moment to look back on the year that was, and
evaluate it for both the ups and the downs. Was
2013 a good year or a bad one? Were there
significant events that will help shape the course of
2014 and beyond, or was it wholly unremarkable and
destined to fade into history? Wiser minds than
mine will have to make that call, and it will likely
vary from one reader to the next, but what we can
do is take a look back at the past year to reminisce
about the worst security threats of 2013.
The philosopher poet George Santayana offers us some words of wisdom that we should all take
to heart.
Those who cannot remember the past are condemned to repeat it.
By reviewing the major security threats of 2013, perhaps we can learn a lesson or two, and
avoid repeat performances in 2014. Let's run them down and see what we can learn.
1. Human nature
First up is more a category of attack than any one specific event. Phishing attacks target
everyone from your grandmother to your CEO, and unfortunately for big business, those big
paychecks and stock options don't always indicate a more savvy understanding of security. A
report recently published in Network World indicates that two out of three security pros
surveyed have had to deal with a security incident that was not publicly disclosed, and that the
majority of those incidents trace back to a senior executive. These included falling victim to
phishing attacks, permitting family members to access corporate resources, downloading
malware, and surfing porn. I guess we know why things weren't disclosed.
2. Ransomware
Cryptolocker was the big killer malware this year, with the novel approach of encrypting all of a
victim's files and then holding them at ransom. Pay up, and the victim would be given the
private key to decrypt the files. Hold out, and all that data would be rendered useless. While
malware has been and always will be a problem, ransomware highlights the need for both strong
antivirus solutions, and backups of important data that are not accessible to regular users.
3. State sponsored hacking
There were lots of reports this year of hacking as an organized activity sponsored by national
governments. Whether from Syria, China, North Korea, or the United States, it seems that
there's more to be worried about online than Nigerian princes and tenth graders with too much
time on their hands. State sponsored hacking targeted more than just key pieces of
infrastructure, with many commercial enterprises finding themselves targets as part of a larger
plan to disrupt economies.
4. Hacktivism
Anonymous, LulzSec, the Syrian Electronic Army and others all contributed to a rise in hacking to
make a point, aka hacktivism. Governments, businesses, and individuals all found themselves on
the receiving end of digital bit-slaps as hacktivists used the Internet to express their displeasure
with actions, inactions, and public statements.
Christina is Web Marketing Content Specialist at GFI Software. She is a keen
blogger and has contributed content to several IT sites, besides working as an
editor and regular contributor to Talk Tech to Me. Christina also writes for
various publications including the Times of Malta and its technology supplement.
something stupid, it may be time to pull the cable. Cogent Healthcare blamed their vendor for
the online exposure of 32,000 patients' medical information, which was conveniently indexed by
Google, but they should take heart. The Internal Revenue Service posted 100,000 citizens' NPI
online for a period of time, setting the bar low indeed.
13. (The lack of) DLP
Finally, the lack of data loss prevention can be a significant hole in your overall security
posture. Just ask investigators at the New York Medicaid agency, where an employee emailed
themselves the account NPI of over 17,000 Medicaid recipients. While DLP should have caught
that, I'm amazed that their email system didn't choke on what had to be a pretty large
attachment!
Whether you would call your own personal 2013 a great year or a terrible one, a year to fill you
with hope for next year or dread, there are 13 lessons to be learned from others over the course
of this year. Review the list above, consider your own security, and work to make 2014 a good
year for you and yours.
About the Author: Christina Goggi
TalkTechToMe - Copyright 2014 GFI Software | Privacy Policy | Copyright | Blog Terms of Use | Contact