Skip to main content
Computer Security Predictions for 2004

Computerworld makes a series of predictions that are worth sharing.

In 2004, information security professionals will experience more of the darker side of human behavior, but organizations will also take more control over their network and computing infrastructures, particularly end-user systems.



R.a..n,d,ô.,m p,u,,ñ,c.t,,u_a.t.1..0.n

Spam operators are getting more creative in their efforts to get around spam filters. R.a..n,d,o.,m p,u,,n,c.t,,u_a.t.1..0.n makes it nearly impossible to block spam messages by filtering keywords. Operators are changing to graphics interchange format images with no searchable text. Some spammers send in encoded formats, like Base64, to circumvent keyword filters altogether, and relay through IP addresses that have no Domain Name System domains associated with them. These recent developments are challenging spam-filter vendors and frustrating users.

More organizations will quantify the productivity losses and processing costs incurred by spam. Increasingly, IT security departments will be saddled with solving the problem, since it's a content management issue.

Consumer and office-worker definitions of spam will shift, thanks to the capabilities found on desktop spam-control products. Spam, once the domain of unsolicited junk e-mail, will become plain unwanted e-mail. Mail I requested last week is spam this week. A worker who subscribes to a mailing list in January will no longer want it in April. It will be easier to mark the message as spam than it will be to unsubscribe to the list. The messages will keep on flowing -- at the user's request -- but will be blocked before the user sees it.

Internet access filtering

Speaking of productivity, larger organizations will get more serious about managing and filtering employee access to Internet Web sites. Three justifications will dominate: productivity, security and legal liability. I'll explain these in more detail.

There have been a handful of sexual harassment lawsuits filed by employees who happen to see their colleagues surfing porn sites at work. Employees sue the employer for the distress of seeing these images and for the employers' failure to do anything about it.

Desktop management

Enterprises will begin to clamp down on users' ability to install software and make other configuration changes to their desktop systems. Windows 2000 had this capability, but thanks to the relatively uncontrollable Windows 95 and 98 platforms, users are accustomed to "owning" their desktop/laptop systems, with the ability to make systems configuration changes and install, update or remove software at will.

Unpopular as it will be, this has to change if IT is to regain control of its environment. A sizable portion of IT help desk call volume is associated with "power" users misconfiguring their systems and the problems brought about by non-IT-approved software. As a result, fewer users will have administrator privileges on their systems.

You may ask, what does desktop management have to do with security? An environment that lacks integrity (such as one where PC users are able to make configuration changes at will) will suffer a corresponding reduction in security because users' changes will sometimes make their workstations more vulnerable, and in other cases, user changes may be downright malicious.

Personal firewalls

Thanks to Blaster, Nachi and perhaps another worm in the final weeks of 2003, personal firewall software on end-user systems will finally get traction. Many companies found that these worms got into their networks via infected laptops that didn't have firewall software. The laptops became infected when connected to the Internet at home, where there was no firewall to protect them.

Senior managers who want to keep their jobs by avoiding a repeat of 2003 are funding enterprisewide personal firewall deployments. Now let's hope that they will be able to effectively manage them and still retain the ability to manage the PCs.

Leaky metadata

Tools that scrub metadata (change history, hidden text, undo information, internal routing memos and so on) will enjoy wider use. In 2004 or 2005, Microsoft will add a scrub feature to Word, Excel, PowerPoint and other software, perhaps by acquiring a leading third-party tool in 2004.

USB flash drives

One or more major companies will attempt to ban the use of Universal Serial Bus flash drives on the grounds that unscrupulous employees are using them to leak proprietary information. The result will be embarrassing, negative publicity for a policy that's ineffective in the first place.

Seriously, though, this is a problem for organizations. Many will begin to understand that the problem isn't with the technology, it's with the people!

Wi-Fi break-in

There will be at least one well-publicized break-in to a corporate Wi-Fi network. The cause of this attack will either be because the network was supported by IT but poorly protected, or a rogue access point was installed by an unauthorized employee. Regardless, the incident will shed light on this still-neglected vulnerability and spur companies into action.

Bluetooth

The same people who hack computers, send spam, make Pringle-can antennas, and drive funny cars will discover Bluetooth and begin to experiment with its uses and abuses. Negative publicity may cause Bluetooth to go back to the drawing board. Does any of this sound familiar? Will hackers build high-gain Bluetooth antennas from discarded ChapStick dispensers? And what will Bluetooth hacking be called? War nibbling? "Bluejacking?" Why someone would want to carry out such acts within six feet of a potential victim is beyond me, but people with too much time on their hands will figure this out, you can be sure of it.

Mobile phone hacking

Mobile phones are acting a lot more like wireless data terminals with very lightweight operating systems. We're building another monoculture, this time on almost-free devices that may outnumber PCs in a couple of years. Perhaps in 2004, we'll see more malicious code attacks than in years past.

IM incidents

Internet-based instant messaging services by America Online, MSN and Yahoo are in wide use inside large corporations whose IT departments may be unaware of the extent of IM use and are unable or unwilling to stop it. In most cases, corporate IT has no centralized control over IM. But the greatest concern should be that corporate messages sent via IM are traversing the Internet with no encryption. Any eavesdropper can see all of the messages flying by. I think that there will be at least one well-publicized incident wherein a hacker publicizes big-company proprietary information sent via IM.
Public utility break-in .

Many public utilities have connected their SCADA infrastructure to the Internet. It must have seemed like a good idea at the time. SCADA stands for Supervisory Control and Data Acquisition. It's the mechanism that utilities use to monitor and control substations, water systems and power plants. I think that in 2004, a break-in to a public utility's SCADA system will be publicized

Organized defense

The FBI and the U.S. Secret Service have made tremendous progress in their ability to track down and apprehend cybercriminals. Cooperation through public/private partnerships such as InfraGard will likewise improve. Those of us on the good side of security have a vested interest in the success of these efforts.

Organized crime

We're already seeing this in Eastern Europe, South America and Southeast Asia: Gangs of hackers extort money from Web site operators and Internet service providers that are unable to defend themselves from denial-of-service attacks. Sadly, we're sure to see an increase in this sort of activity. Hacking for "protection money" and other sources of revenue will become a big business synonymous with drug and credit card trafficking.

Someday, in 2004 or beyond, I think we'll see standard language incorporated into many of the standard treaties between countries that will make it easier to identify and apprehend cybercriminals. Today, it's far too easy for these perpetrators to hide themselves in countries unwilling or unable to ferret them out.

Shorter time to exploitation

This is a fancy term that refers to the length of time (previously measured in calendar quarters, now measured in days or hours) it takes for hackers to build proof-of-concept worms or viruses that exploit recently announced Microsoft (and other vendors') security vulnerabilities.

No kidding, you are probably thinking, everyone knows this. But I have placed this section immediately following organized crime for a reason. I dare say Microsoft recognized this when it developed its Anti-Virus Reward Program. The company is simply balancing the profit motive in order to even the score.

Summary

There are three themes that I hope you've picked up on before getting to this paragraph. First, it's not necessarily a good idea to connect something to the Internet just because you can. Second, whenever a new technology comes out, its developers generally do a poor job of designing security into it, but we embrace it anyway. And third, whenever a new technology is available to do good things, there's always someone who figures out how to do something bad with it that the rest of us never thought of.

Comments

Popular posts from this blog

Mainframe to Mobile

Not one of us has a clue what the world will look like in five years’ time, yet we are all preparing for that future – As  computing power has become embedded in everything from our cars and our telephones to our financial markets, technological complexity has eclipsed our ability to comprehend it’s bigger picture impact on the shape of tomorrow.

Our intuition has been formed by a set of experiences and ideas about how things worked during a time when changes were incremental and somewhat predictable. In March 1953. there were only 53 kilobytes of high-speed RAM on the entire planet.

Today, more than 80 per cent of the value of FTSE 500* firms is ‘now dark matter’: the intangible secret recipe of success; the physical stuff companies own and their wages bill accounts for less than 20 per cent: a reversal of the pattern that once prevailed in the 1970s. Very soon, Everything at scale in this world will be managed by algorithms and data and there’s a need for effective platforms for ma…

An Ockham of Gatwick

The 13th century theologian and philosopher, William of Ockham, who once lived in his small Surrey village, not so very far from what is today, the wide concrete expanse of Gatwick airport is a frequently referenced source of intellectual reason. His contribution to modern culture was Ockham’s Razor, which cautions us when problem solving, that “The explanation requiring the fewest assumptions is most likely to be correct;” sound advice which constantly proves to be true.

A week further-on since Britain’s second busiest airport was bought to a complete standstill by two or perhaps two hundred different drone sightings, it is perhaps time to revisit William of Ockham’s maxim, rather than be led astray by an increasingly bizarre narrative, one which has led Surrey police up several blind alleys with little or nothing in the way of measurable results.

 Exploring the possibilities with a little help in reasoning from our medieval friar, we appear to have a choice of two different account…
A Christmas Tale

It’s pitch blackness in places along the sea wall this evening and I'm momentarily startled by a small dog with orange flashing yuletide antlers along the way. I’m the only person crazy enough to be running and I know the route well enough to negotiate it in the dark, part of my Christmas exercise regime and a good way of relieving stress.

Why stress you might ask. After all, it is Christmas Day.

True but I’ve just spent over two hours assembling the giant Playmobil ‘Pony Farm’ set when most other fathers should be asleep in front of the television.



I was warned that the Playmobil ‘Pirate Ship’ had driven some fathers to drink or suicide and now I understand why. If your eyesight isn’t perfect or if you’ve had a few drinks with your Christmas lunch then it’s a challenge best left until Boxing day but not an option if you happen to have a nine year old daughter who wants it ready to take horses by tea time.

Perhaps I should stick to technology but then, the instruc…