M2M FEATURE

December 10, 2012

FortiGuard Labs Talks Network Security in 2013: What to Watch For


FortiGuard Labs, part of the high-end network security firm Fortinet, released earlier today their threat projections for 2013, giving network security personnel a big sheaf of metaphorical wanted posters in terms of developments in the network security space to watch out for. There were six specific trends to watch for in the network security space, and they promised big changes in the field as a whole, with even M2M seeing threats emerge.

First, FortiGuard Labs talked about Advanced Persistent Threats (APTs) role in network security, and how they not only use technology to the fullest to attack other technology, but do so by way of multiple different methods and approaches, making them extremely dangerous. There have already been some big-name APTs making appearances, like Gauss, Flame, and the Iranian bane known as Stuxnet, and 2013 promises to see them on the increase.

Next came a projected move to two-factor authentication models over the current standard of single password sign-on. When password crackers are easily available, and cloud-based technology can lead to 300 million different passwords tried in just 20 minutes (available for under $20, no less), the old standard of one password to protect systems is under fire. But with two-factor authentication, an extra layer of protection is established that's not only much harder to crack, but also rapidly changing thanks to a secondary password issued only when the first is delivered.

Then FortiGuard Labs addressed exploits that would go after machine to machine (M2M) communications. While there are many opportunities to advance technology through M2M communications, there is much less consensus on just how to protect this new communications system. With little in the way of protection consensus, it leaves open a field of possibility for attack, especially in which attackers can poison an information stream, leading to a chain reaction of sorts in which machines downstream of the poisoned point can open up a vulnerability based on the wrong information received from upstream.

The sandbox played a role in the next major threat, as security technologies have discovered a way to move programs to a sort of neutral territory where they can't transfer information from one point to another. New exploits are geared toward breaking out of the sandbox, from where, formerly, they could do no damage. This is expected to get much worse in 2013, and leave the sandbox a tool of questionable effectiveness.

Another major concern in 2013 will be the rise of cross-platform botnets, which incorporate not only PCs, but also mobile hardware like smartphones and tablets. The growing popularity of these devices makes them excellent targets for botnet creators, and opens up a possibility for new, more powerful direct denial of service attacks. Previously, a botnet was commonly found running on PC alone, or on mobile devices alone like the recently-emerged Zitmo botnet, but with this new variety, the same botnet may be found across multiple types of device.

Finally, FortiGuard Labs expects a rise in mobile malware growth, and expects it to rise with the popularity of mobile devices as a whole, while PC malware may prove on the decline as more users turn to mobile devices for their computing needs.

The future looks dangerous for communications as a whole, even M2M communications, but with due vigilance and careful planning, the risks can be mitigated and the potential advantages fully realized.




Edited by Brooke Neuman


Back to m2m Evolution Home



COMMENTS

blog comments powered by Disqus


RELATED M2M ARTICLES




 
M2M Evolution Conference
The robust M2M conference program will focus on topics that inform and educate our audience of the latest and greatest technologies, current and future regulatory policies, new verticals, new applications and all of the hottest topics in Machine-to-Machine Industry. The M2M Evolution Conference is trending to become the leading educational and networking event in the M2M Industry and we’d like you to be a part of it.

Topics Include:
  • M2M and Smart Energy
  • M2M and Healthcare
  • M2M in the Enterprise
  • M2M and the Service Provider

Weekly Digest of M2M News and Product Developments - Delivered to Your Inbox

Stay charged with the most interesting and most important news covering M2M
Click here to select other communications and technology topics | No Thanks