General security

Security Predictions for 2014

Prateek Gianchandani
December 26, 2013 by
Prateek Gianchandani

As the year 2013 draws to a close, we decided to make some predictions for the most popular Security Trends in 2014. Here is what we think are the major points that will determine the determine the Security Landscape in the coming year.

Big Boom in Mobile Security

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

Security is catching up to mobile fast. We are in the post PC revolution and with the rise in the number of people using Smartphones, most of the information that we have is available to us anytime in the palm of our hand. In 2014, we will see a big rise in mobile security awareness among developers as well as the number of mobile threats and malwares. A number of new mobile security analysis tools will be launched and frameworks like Metasploit would also be added with a number of exploits for mobile operating systems. Mobile Developers will start realizing the fact that their applications are not secure and will begin taking precautions to prevent their applications from being exploited. Every company dealing with security will try to make use of this window and try to emerge as the leaders in the mobile security domain. We will also see a number of certifications being launched by companies with specific focus on Mobile Security.

Attacks on Bitcoin

Bitcoins are becoming popular for a quick and easy way of payment. In the coming years, we will see malwares that specifically target the Bitcoin wallets of users. This is more effective because once the coins are stolen, they can be used instantly or even cashed out with full anonymity.

Services which provide anonymity will be in demand

As the normal user becomes more and more concerned about what they do online because of the intelligence agencies that keep an eye on everything they do, the use of services that provide more anonymity will become more popular among regular users. Services like Tor and VPN service providers will see a great increase in demand. New encryption mechanisms will also be used to encrypt data.

Concept of a Parallel Internet

The concept of a parallel internet has been around since some time now. In the past, concerns have been raised over whether Internet censorship is the answer to defend against scenarios that could generate online piracy. This issue has become so prominent because popular sites like Google and Facebook allows users to share information without bearing responsibility for the content posted. Project Meshnet (originally called the Darknet) was born out of concerns over censorship and is aimed at setting up an open, decentralized, and censorship free Internet. This architecture makes mesh topology completely decentralized, (i.e. without any centralized authority) thus making it impossible to censor any form of data. In 2014, we will see an increase in the use of such parallel networks.

Another reason for this fragmentation of the internet could be for the safety of the users. In the coming years, we might see some countries opting to have a separate "parallel" internet that keeps a check on everything the user does and does not allow anonymity at all. This will however be against the will of some users though. Some countries like China are already doing a similar kind of a thing and we will see this practice being followed by other nations or organizations as well in the coming year.

Personal attacks become more and more common and more and more personal

We will definitely see a rise in the trend where the cyber attacks are not directed at organizations but at individuals. Social Engineering attacks are definitely going to get some heat in the coming year as the hacker realizes that an individual is much more vulnerable. Attacks at individuals working at an organization will also be a good medium to get some confidential data about the organization. This could include getting the source code of a product before it is released, stealing information about the companies customers etc.

Attacks on Cloud Storage Providers

These days, we store a lot of our information in the cloud using services like Dropbox, Google Drive etc. There have also been some claims made that companies like Dropbox store our information in an unencrypted format on their servers. As more and more companies start relying on these services to store data and to exchange data between their employees, a successful attack on these service providers could turn up a lot of information for the hacker. In 2014, we are going to see dedicated attacks on these Cloud Service Providers. Expect atleast one major and succesful attack !!

Hello Smartwatch !

With the launch of the Samsung Galaxy Gear, Sony's smartwatch and with predictions that Apple is going to launch their own iWatch in the second half of 2014, developers will have one more device to build apps for. Just like any other products, these smartwatches are going to have some very common vulnerabilities that will be discovered by hackers. Even though i don't expect a lot of smartwatch malwares, but we will definitely see some attacks against these smartwatches.

More Advanced Malwares

FREE role-guided training plans

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.

The standards are surely going to increase in 2014. Malwares will be more intrusive yet less easily detectable. Companies dealing with malware threats will have more and more work to do as these malwares become more advanced and stealthy. Expect a large increase in the number of mobile malwares.

Prateek Gianchandani
Prateek Gianchandani

Prateek Gianchandani, a recent IIT graduate, has interests in the field of Penetration Testing, Web Application Security and Intrusion Detection. He is currently a researcher for InfoSec Institute. In the past he has worked for security-based startups.

You can contact him at prateek.searchingeye@gmail.com and on twitter @prateekg147 or you can visit his personal website at highaltitudehacks.com