
Virtualization and Cloud executives share their predictions for 2015. Read them in this VMblog.com series exclusive.
Contributed article by Kowsik Guruswamy, CTO, Menlo Security
2015 - Shift in Attack Vectors
In 2014, we saw malware attacks and hacks like never before.
Headlines amplified the aftermath of several large-scale breaches, making cyber
security both a board-level discussion and a national priority.
With cyber attacks on the enterprise increasing in
frequency, sophistication and scale, 2015 will prove to be the year when
companies see more aggressive and targeted attacks on their networks, urging them
to seek out new security models for protection. The security landscape is in
the middle of a shift. We will begin to see a rise in malware attacks via SSL-enabled
websites as well as malware attacks geared toward the Internet of Things,
proving an increased need for container security.
Increased Malware Attacks over SSL
Secure Sockets Layer (SSL) is a standard security
technology for establishing an encrypted link between a server and a client, usually
a website and a browser, or a mail server and a mail client. SSL allows
sensitive information such as credit card numbers, social security numbers and
login credentials to be transmitted securely. In the past few months, leading
Internet-service providers like Yahoo and Google have been activating SSL
encryption by default, moving websites built with SSL higher up on search
results. Additionally, groups like Electronic Frontier Foundation (EFF) are working
to bring SSL to the masses. In the enterprise, because the infrastructure overhead
is so high, traffic from SSL websites ends up traveling directly to end users without
being monitored. With EFF, Google and Yahoo instilling more trust in SSL
design, hackers will look for ways to infiltrate the "secure" portal. In 2015,
there will be a rise in malware attacks over SSL, because network administrators
aren't currently giving the technology much attention.
Malware Infiltrates all Things Internet
Malware can attack any device users interact with, which
includes the wide array of technologies that encompass the Internet of Things
(IoT). Today, devices such as smartphones, tablets, connected thermostats, automobiles,
televisions, and even refrigerators can connect to the Internet. With
technology becoming more and more pervasive in our daily lives, we've increased
the number of vectors available to hackers and ultimately increased our risk of
being hacked. In 2015, these connected devices will become a huge source of
malware infection.
Securing the Container Environment
With an uptake in technologies like Docker, enterprises are compelled
to replace their virtual machines with containers because they are
cost-effective and automated. Containers have quickly become a popular cloud-optimization
strategy for enterprises. However, what do we really know about the security
implications? Docker containers actually sandbox applications, meaning they can
run random applications on their system as root. Some enterprises make the
mistake of thinking containers are better and faster than running virtual
machines, but from a security perspective, containers are much weaker, as some
are still running privileged systems. In the coming year, enterprises will
implement another layer of security on top of containers, to ensure malware
cannot gain access to servers.
Security today is based on the premise that one
can detect whether something is good or bad (e.g., web, email, files). This
premise is fundamentally flawed. All fingers point to coming up with new and
more innovative ways to provide web security for the enterprise to address the
attack vectors (risk) rather than the problem first. It's becoming clearer that
signature detection tools and virtual execution as they work today are not
cutting it when attacks like Destover and Regin are infiltrating our systems. In
2015, we will see different security models emerge to fill the empty holes in
the market.
About the Author
Kowsik Guruswamy is CTO of Menlo Security. Previously, he was co-founder
and CTO at Mu Dynamics, which pioneered a new way to analyze networked
products for security vulnerabilities. Prior to Mu, he was a
distinguished engineer at Juniper Networks. Kowsik joined Juniper via
the NetScreen/OneSecure acquisition where he designed and implemented
the industry's first IPS. He has 15+ years of experience in
diverse technologies like security, cloud, data visualization, and
computer graphics. Kowsik has 18 issued patents and holds an MSCS from
University of Louisiana.