As the year 2013 draws to a close, we decided to make some predictions for the most popular Security Trends in 2014. Here is what we think are the major points that will determine the determine the Security Landscape in the coming year.

Big Boom in Mobile Security

Security is catching up to mobile fast. We are in the post PC revolution and with the rise in the number of people using Smartphones, most of the information that we have is available to us anytime in the palm of our hand. In 2014, we will see a big rise in mobile security awareness among developers as well as the number of mobile threats and malwares. A number of new mobile security analysis tools will be launched and frameworks like Metasploit would also be added with a number of exploits for mobile operating systems. Mobile Developers will start realizing the fact that their applications are not secure and will begin taking precautions to prevent their applications from being exploited. Every company dealing with security will try to make use of this window and try to emerge as the leaders in the mobile security domain. We will also see a number of certifications being launched by companies with specific focus on Mobile Security.

Attacks on Bitcoin

Bitcoins are becoming popular for a quick and easy way of payment. In the coming years, we will see malwares that specifically target the Bitcoin wallets of users. This is more effective because once the coins are stolen, they can be used instantly or even cashed out with full anonymity.

Services which provide anonymity will be in demand

As the normal user becomes more and more concerned about what they do online because of the intelligence agencies that keep an eye on everything they do, the use of services that provide more anonymity will become more popular among regular users. Services like Tor and VPN service providers will see a great increase in demand. New encryption mechanisms will also be used to encrypt data.

Concept of a Parallel Internet

The concept of a parallel internet has been around since some time now. In the past, concerns have been raised over whether Internet censorship is the answer to defend against scenarios that could generate online piracy. This issue has become so prominent because popular sites like Google and Facebook allows users to share information without bearing responsibility for the content posted. Project Meshnet (originally called the Darknet) was born out of concerns over censorship and is aimed at setting up an open, decentralized, and censorship free Internet. This architecture makes mesh topology completely decentralized, (i.e. without any centralized authority) thus making it impossible to censor any form of data. In 2014, we will see an increase in the use of such parallel networks.

Another reason for this fragmentation of the internet could be for the safety of the users. In the coming years, we might see some countries opting to have a separate “parallel” internet that keeps a check on everything the user does and does not allow anonymity at all. This will however be against the will of some users though. Some countries like China are already doing a similar kind of a thing and we will see this practice being followed by other nations or organizations as well in the coming year.

Personal attacks become more and more common and more and more personal

We will definitely see a rise in the trend where the cyber attacks are not directed at organizations but at individuals. Social Engineering attacks are definitely going to get some heat in the coming year as the hacker realizes that an individual is much more vulnerable. Attacks at individuals working at an organization will also be a good medium to get some confidential data about the organization. This could include getting the source code of a product before it is released, stealing information about the companies customers etc.

Attacks on Cloud Storage Providers

These days, we store a lot of our information in the cloud using services like Dropbox, Google Drive etc. There have also been some claims made that companies like Dropbox store our information in an unencrypted format on their servers. As more and more companies start relying on these services to store data and to exchange data between their employees, a successful attack on these service providers could turn up a lot of information for the hacker. In 2014, we are going to see dedicated attacks on these Cloud Service Providers. Expect atleast one major and succesful attack !!

Hello Smartwatch !

Want to learn more?? The InfoSec Institute CISSP Training course trains and prepares you to pass the premier security certification, the CISSP. Professionals that hold the CISSP have demonstrated that they have deep knowledge of all 10 Common Body of Knowledge Domains, and have the necessary skills to provide leadership in the creation and operational duties of enterprise wide information security programs.

InfoSec Institute's proprietary CISSP certification courseware materials are always up to date and synchronized with the latest ISC2 exam objectives. Our industry leading course curriculum combined with our award-winning CISSP training provided by expert instructors delivers the platform you need in order to pass the CISSP exam with flying colors. You will leave the InfoSec Institute CISSP Boot Camp with the knowledge and domain expertise to successfully pass the CISSP exam the first time you take it. Some benefits of the CISSP Boot Camp are:

  • Dual Certification - CISSP and ISSEP/ISSMP/ISSAP
  • We have cultivated a strong reputation for getting at the secrets of the CISSP certification exam
  • Our materials are always updated with the latest information on the exam objectives: This is NOT a Common Body of Knowledge review-it is intense, successful preparation for CISSP certification.
  • We focus on preparing you for the CISSP certification exam through drill sessions, review of the entire Common Body of Knowledge, and practical question and answer scenarios, all following a high-energy seminar approach.

With the launch of the Samsung Galaxy Gear, Sony’s smartwatch and with predictions that Apple is going to launch their own iWatch in the second half of 2014, developers will have one more device to build apps for. Just like any other products, these smartwatches are going to have some very common vulnerabilities that will be discovered by hackers. Even though i don’t expect a lot of smartwatch malwares, but we will definitely see some attacks against these smartwatches.

More Advanced Malwares

The standards are surely going to increase in 2014. Malwares will be more intrusive yet less easily detectable. Companies dealing with malware threats will have more and more work to do as these malwares become more advanced and stealthy. Expect a large increase in the number of mobile malwares.