This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

2014 - Malware to reduce but risks to rise

Share this article:

Predictions for 2014 in a new report from Websense Security Labs sugggest malware attacks will fall in volume but become more targeted whlle cyber attackers will focus on cloud-based data and Java vulnerabiliites.

Malware attacks will fall in volume next year but become more targeted. Meanwhile, cyber attackers will increasingly switch their attention from corporate networks to cloud-based data, and Java will continue to be vulnerable. These are the predictions for 2014 in a new report from Websense Security Labs.

The quantity of new malware is already beginning to fall, according to Websense's data feeds, but the good news is tempered by the fact that cyber criminals are turning to more focused attacks, to secure a foothold then steal user credentials and move unilaterally throughout infiltrated networks. “Although the volume of attacks will decrease, the risk is even greater because of the increasingly stealthy nature of threats,” the Websense report warns.

Attackers will also increasingly train their sights on cloud rather than network-held data because, the report says,  they “will find that penetrating the data-rich cloud can be easier and more profitable than getting through the ‘castle walls' of an on-premise enterprise network”.

It adds: “No doubt attackers will still infiltrate enterprise networks to target users, steal information and compromise their systems. However, such attacks will serve as an intermediate step to gain access to third-party cloud services instead of an internal data store.”

And among other predictions, the report says Java will remain highly exploitable and exploited, with expanded repercussions. This is because “despite highly publicised and successful exploitations of Java vulnerabilities throughout 2013, most end points continue to run older versions of Java and therefore remain extremely exposed to exploitation”.

Commenting on the trend in malware attacks, Websense senior security research manager Carl Leonard told SCMagazineUK.com: “Although advanced malware volume will decrease, the amount of attacks will increase. Instead of bombarding companies with 15 pieces of malware to achieve one breach, they will use the malware in a wiser way to get more targeted attacks through the door and will then move around the network.”

Faced with the threat to cloud data, he said: “Organisations need to question how much they trust their current cloud provider and to what extent is their data protected in the cloud. I advise companies to start off small, and make sure that works for them, and once confident start to move the rest of your data to the cloud.”

On Java exploits, he said: “Java is incredibly prevalent within organisations, but it has many vulnerabilities. We believe that cyber criminals will selectively use the zero-days for applications like Java because they don't want to reveal their best hand yet. They want to keep those for organisations that they know they can best profit from.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Hackers tap flaws in Amazon cloud to host DDoS botnets

Hackers tap flaws in Amazon cloud to host ...

Profitable and easy-to-use vulnerability exploited by cybercriminals says security researcher

China allegedly behind attack on Canadian research group

China allegedly behind attack on Canadian research group

One day on from claims that Chinese hacker group 'Comment Crew' was behind the theft of confidential documents on an Israeli missile defense system, the country is also being cited ...

UK Lords slams EU ruling on "right to be forgotten"

UK Lords slams EU ruling on "right to ...

A committee sitting in the UK's House of Lords has said that the EU's ruling on the 'right to be forgotten', which requires companies to delete data on request where ...