Virtualization and Cloud executives share their predictions for 2015.  Read them in this VMblog.com series exclusive.

Contributed article by Kowsik Guruswamy, CTO, Menlo Security

2015 - Shift in Attack Vectors

In 2014, we saw malware attacks and hacks like never before. Headlines amplified the aftermath of several large-scale breaches, making cyber security both a board-level discussion and a national priority.   

With cyber attacks on the enterprise increasing in frequency, sophistication and scale, 2015 will prove to be the year when companies see more aggressive and targeted attacks on their networks, urging them to seek out new security models for protection. The security landscape is in the middle of a shift. We will begin to see a rise in malware attacks via SSL-enabled websites as well as malware attacks geared toward the Internet of Things, proving an increased need for container security.

Increased Malware Attacks over SSL

Secure Software Layer (SSL) is a standard security technology for establishing an encrypted link between a server and a client, usually a website and a browser, or a mail server and a mail client. SSL allows sensitive information such as credit card numbers, social security numbers and login credentials to be transmitted securely. In the past few months, leading Internet-service providers like Yahoo and Google have been activating SSL encryption by default, moving websites built with SSL higher up on search results. Additionally, groups like Electronic Frontier Foundation (EFF) are working to bring SSL to the masses. In the enterprise, because the infrastructure overhead is so high, SSL websites end up traveling directly to end-users without monitoring the incoming traffic. With EFF, Google and Yahoo instilling more trust in SSL design; hackers will look for ways to infiltrate the "secure" portal. In 2015, there will be a rise in malware attack over SSL, because network administrators aren't currently giving technology much attention.

Malware Infiltrates all Things Internet

Malware can attack any devices users interact with, which includes the wide array of technologies that encompass the Internet of Things (IoT). Today, devices such as smartphones, tablets, connected thermostats, automobiles, televisions, and even refrigerators can connect to the Internet. With technology becoming more and more pervasive in our daily lives, we've increased the number of vectors available to hackers and ultimately increased our risk of being hacked. In 2015, these connected devices will become a huge source of malware infection.

Securing the Container Environment

With an uptake in technologies like Docker, enterprises are compelled to replace their virtual machines with containers because they are cost effective and automated. Containers have quickly become a popular cloud-optimization strategy for enterprises, however, what do we really know about the security implications? Docker containers actually sandbox applications, meaning they can run random applications on their system as root. Some enterprises make the mistake of thinking containers are better and faster than running virtual machines, but from a security perspective; containers are much weaker, as some are still running privileged systems. In the coming year, enterprises will implement another layer of security on top of containers, to ensure malware cannot gain access to servers

Security today is based on the premise that one can detect whether something is good or bad (e.g., web, email, files). This premise is fundamentally flawed. All fingers point to coming up with new and more innovative ways to provide web security for the enterprise to address the attack vectors (risk) rather than the problem first. It's becoming clearer that signature detection tools and virtual execution as they work today are not cutting it when attacks like Destover and Regin are infiltrating our systems. In 2015, we will see different security models emerge to fill the empty holes in the market.

##

About the Author 

Kowsik Guruswamy is CTO of Menlo Security. Previously, he was co-founder and CTO at Mu Dynamics, which pioneered a new way to analyze networked products for security vulnerabilities. Prior to Mu, he was a distinguished engineer at Juniper Networks. Kowsik joined Juniper via the NetScreen/OneSecure acquisition where he designed and implemented the industry's first IPS. He has more than 15+ years of experience in diverse technologies like security, cloud, data visualization, and computer graphics. Kowsik has 18 issued patents and holds an MSCS from University of Louisiana.