Media Release
Sydney, Australia, 13 December, 2012 – McAfee has provided an insight into the challenges IT Managers are likely to face next year with Mike Sentonas, VP, Chief Technology Officer, Asia Pacific, highlighting his top Australian and New Zealand Security Predictions for 2013.
Covering increased targeted attacks, ransomware, signed malware and, mobile malware and the Bring Your Own Application phenomenon (BYOA), the predictions outline key issues IT managers need to be aware of in the year ahead.
“Looking back at the evolution of threats in 2012 and ahead to 2013, it’s becoming clear IT managers need to evolve their business processes in order to keep organisations secure,” said Mike Sentonas, VP, Chief Technology Officer, Asia Pacific, McAfee.
“With the increase in targeted attacks, there’s an urgent need for well-defined incident response planning. On top of this, IT managers are also facing new threats such as employees downloading Apps within the organisation and ransomware. It’s because of this increased pressure from external and internal threats that we predict IT managers will need to embrace security automation in order to keep up,” said Sentonas.
2013 Australian Security Predictions
1. Targeted Attacks prompt a growing need for Incident Response Plans
This year saw an increased growth in targeted attacks that proved successful at disrupting services and fraudulently obtaining significant amounts of intellectual property. Cybercriminals will continue to use this method and in 2013, we are likely to see significantly more targeted attacks and targeted malware. This type of attack is more difficult to protect against, especially when cybercriminals destroy evidence of the attack.
Dealing with the clean-up distracts IT administrators who don’t immediately realise they have been hacked. It also adds to the difficulty in ensuring effective incident response as hackers attack hardware as they exit the network. Protecting against this trend will be a major challenge – particularly for enterprise and government organisations.
2. Ransomware will start to impact Australia
Ransomware will be prevalent in 2013. It is operated by encrypting files on a victim’s computer which can only be unlocked by paying the criminals a “fine”. To date, ransomware has been a bigger issue internationally and we have not experienced frequent occurrences in Australia or New Zealand. This is changing. The recent fake Australian Federal Police ransomware attack is an example of this type of attack and while they are successful they will continue.
3. Non-Windows attacks will continue to increase
Non-Windows attacks will continue to increase in 2013. Android devices are now the highest selling mobile devices in the Asia Pacific market and hackers will take advantage of that by developing mobile malware.
Consumers aren’t the only ones at risk of mobile threats. Enterprises, particularly those embracing Bring Your Own Device policies (BYOD), are also at risk. The mobile malware growth rate is similar to that of Windows malware some time ago, which shows it is a genuine threat. McAfee’s Q3 Threat Report for 2012 showed mobile malware almost doubled when compared to the previous quarter’s numbers.i
4. Signed Malware Will Increase in Prevalence
Signed malware was prevalent in 2012 and this trend is likely to continue in Australian and New Zealand over the coming 12 months. Signed malware is present when a hacker obtains a digital certificate from an organisation and appends it to malware, allowing the malware to pass through an organisation’s operating system. Stuxnet is a high profile example of this threat. There will be a large increase in this type of threat and it will be harder to stop because it appears more legitimate.
5. IT Managers Will Start Embracing Security Process Automation
The cyber security function remains one of the only IT functions that has not yet taken advantage of the speed, visibility and comprehensive capabilities provided by automation. With the increasing number, variety and complexity of the threats faced by organisations, many security technologies still require significant hands-on management. IT managers will need to embrace security automation in order to keep up with the threats they face.
About McAfee
McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), empowers businesses, the public sector, and home users to safely experience the benefits of the Internet. The company delivers proactive and proven security solutions and services for systems, networks, and mobile devices around the world. With its Security Connected strategy, innovative approach to hardware-enhanced security, and unique Global Threat Intelligence network, McAfee is relentlessly focused on keeping its customers safe. http://www.mcafee.com
i McAfee Threats Report, Third Quarter 2012
http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q3-2012.pdf.
