Agile Hackers will Break Security

Friday, March 23, 2012 @ 05:03 PM gHale


It has been hard enough to get companies to actually act on and create security plans, but once they do, it seems hackers are adapting and understanding these new policies and finding ways to infiltrate systems any way, new research said.

That is why manufacturing automation professionals have to understand the dynamic nature of the security environment, where changes need to occur on a fairly regular basis.

RELATED STORIES
Cyber Report: U.S. Knows Groups Behind Attacks
Flaws in Microsoft, Dell, TBS Sites
Execs Unaware of Security Risks
Security to Industry: Time to Wake Up

In addition, there was a marked increase in the number of attacks targeting mobile devices and social networks, according to the IBM X-Force 2011 Trend and Risk Report.

There was a 19 percent rise in publicly-released mobile exploits, indicating hackers are increasingly targeting mobile devices as they grow in prominence in the work place.

“I think that this is going to grow as a problem,” said Thomas Cross, X-Force strategy and threat Intelligence manager at IBM. “We saw an increase in the amount of exploit code released this year, over the Internet, designed to target mobile devices.”

Cross said the growing bring your own device (BYOD) trend in many companies posed risks by making it difficult for IT staff to ensure employees’ devices have correct patches with the latest security software, offering a potential goldmine of unsecured personal information to hackers.

The report also warned attacks taking place on social media sites are also increasing, with hackers using sites to help develop new techniques to steal information.

“We’re sharing a lot of information about ourselves online, more so than we did even a few years ago. If you’re going to collect information about an organization there’s a great deal you can learn: Who works there and what their online identity is,” Cross said.

“We are seeing that play into hack activity, with people creating sophisticated spear phishing attacks that are compelling to their victims and the way that you do that is by knowing who you are targeting.”

IBM also warned cloud computing is also a major security issue, because some companies that have pushed the technology out without taking adequate measures to protect the stored data.

“Many cloud customers tapping a service worry about securing the technology. Depending upon the type of cloud deployment, most, if not all, of the technology is outside of the customer’s control,” said Ryan Berg, IBM’s security cloud strategist.

“They should focus on information security requirements of the data destined for the cloud, and through due diligence, make certain their cloud provider has the capability to adequately secure the workload.”



Leave a Reply

You must be logged in to post a comment.