Monday, March 18, 2024

Top Five Security Threats for 2006


In anticipation of the new year ahead, I’d like to look at those things most likely to test our security patience. Let’s talk about the Top Five things we can anticipate becoming bigger issues or more insidious threats in the months to come.

To know the future, you must understand the past and this has never been more the case in IT than it is today. The future will carry many things that have foundations in the threats and exploits of the past year or two. Without a clear understanding of those things, the threats and vulnerabilities of the new year will seem overwhelming.

Here are my Top Five things to look for in the new year — and why you’ve already seen foreshadowings of them and should be prepared to deal with them.

  • Targeted Phishing Scams — It will seem like they are more narrowly focused, but when you take a look at all the attempts, you’ll see that’s not true. It isn’t that they are more targeted, it’s that your filtering systems already have taken out the ones most likely to be spam and left those that are possibly related to you or your interests. Fuzzy logic is a nifty thing.

    The bad news is that your end users are going to be more susceptible to these because the scams will look like the real thing. Now is the time to start educating your users on methods to protect themselves.

  • Self-Contained Electronic Devices — PDA/pager/phone/email — it’s all in one box! Be the first on your block to carry the all-in-one solution to staying connected. Be the first on your block to download the Blackberry- or Treo-targeted virus. Be the first on your block to bring the company Intranet down with a piggy-backed payload designed for desktops. I think we’ll be seeing the first crossover infections from hand-held devices to desktops and corporate networks in the coming year.

  • Spam — That unwanted bulk email will become more insidious in getting around spam filters at both the border and application level. As spam filtering becomes more sophisticated, we’ll see messages that are less like advertisements and more like email addressed specifically to us. Like phishing schemes, spam will feel more personally directed.

  • Voice over IP — VoIP will continue to be the industry’s darling ‘innovation’. The media focus, however, has most frequently failed to address possible security concerns. In all the articles on the subject that I’ve read, only one of them comments on security implications.

    One way to really simplify the matter is to ask two questions: When was the last time you had an analog phone compromised and a keystroke logger installed? Oh, yeah. Never. When was the last time any one of your workstations was compromised with any form of rootkit? Probably a lot more frequently than you’d like to admit.

    So, let’s hook the phones up to the computer so any traffic sniffer will not only have access to all your data, but all your strategic and tactical discussions on how to build your company successfully. Warning bells should be going off for even the most inexperienced IT manager at this point.

    To be practical about this, you are effectively setting your company up for a single point of failure. And it’s one that is known to occur on a consistent, if not regular, basis, and one that can cause considerable damage before it is identified and remediated. By adding your phone lines to this matrix, you increase the amount of damage possible prior to discovery.

    I am not saying that you cannot implement VoIP securely. Setting up your VoIP implementation should mean taking the necessary precautions to secure the implementation appropriately. Securing the server that will be handling your phone calls, setting traffic on a protected subnet and other precautions specific to your environment are paramount. I’ve heard how some are excited to be able to push phone calls over to wireless access points for greater convenience. This indicates to me that they are really missing the key point to security.

    As with any technology, proper security implementation has to be included from the outset. Attempts to add security as a secondary consideration are going to cause difficulties in the implementation. If you come to a point where VoIP is no longer a discussion but a directive, it’s time to switch to arguing for appropriate security levels and valid descriptions of the threats to corporate assets.

  • The House of Gates — Microsoft will continue to experience setbacks in the security arena. With more than 5 billion lines of code to sort through, Micro$oft will have more zero-day events to deal with similar to the one announced in late December.

    The .WMF vulnerability and exploit was reported late in December, and published in Microsoft Security Advisory 912840. It has shown that Microsoft is not in the clear for future events of this nature. Exploits will continue to become more esoteric, as well as virulent in the sense that they will affect a wider spectrum of the Windows operating systems. In the case of the .WMF vulnerability, every version of Windows is vulnerable (even those for which Microsoft no longer supplies security patches) regardless of patch level.

    Second, it’s not just one portion of the operating system that is affected but multiple major portions. The Windows Fax and Image Viewer library (shimgvw.dll) is used to render images in Windows Explorer, Internet Explorer and other applications such as Lotus Notes. Anything that gives a view (whether thumbnail image or full view) of an image is at risk of processing malicious code in an image that’s been downloaded from the Internet, or transmitted by email or instant messenger service.

    System administrators will have to decide whether to use third-party patches or wait for the official patch from the House of Gates. This will be the case, as well, in future incidents.

This is the future — more spam, more phishing, more really cool technology gone awry, and Microsoft making your life difficult, because you can’t live with them and you can’t live without the operating system.
