McAfee Labs has published a report with the predictions of threats in 2014 (McAfee Labs 2014 Threats Predictions), where in the list along with the apocalyptic threat of cyber-attacks on infrastructure, big data, and PC, there is also an attack on data breaches and data loss, denials of service, and malicious uses.
Many of the threats that come to the surface in 2013 is likely to spread in 2014, but cybercriminals improving their tools and malware and are ready to significantly affect the market in 2014.
McAfee expects to see an increase in attacks aimed at shared resources in any IaaS, PaaS, or SaaS (Infrastructure, Platform, or Software as a Service) cloud environment. The report said that large enterprises may have sufficient leverage to require cloud providers to put security measures in place that are consistent with the enterprise’s security posture. Smaller consumers of cloud-based services, however, will not and will need to carefully review the provider’s often ambiguous user agreement as it relates to security and data ownership. New cloud services may also expose new attack surfaces until the services reach a level of maturity that includes the instrumentation and countermeasures required to ensure the security of the data they must protect.
Customers risk a loss of control over their data as various free cloud providers effectively own the data that customers place with them. A failure at a cloud provider could result in the complete loss of all data stored there. Many consumers do not back up data at multiple providers or locally; they could lose everything if their cloud service fails, the report added.
The denial-of-service (DoS) attacks will also increase, causing service outages and financial loss to cloud providers. Cybercriminal will target cloud-based applications and data repositories such as the ubiquitous hypervisors found in all data centers, the multitenant communications infrastructure implicit in cloud services, and management infrastructure used to provision and monitor large-scale cloud services.
Big data has certainly gone a big deal in 2013. But this year, big data is expected to make a significant impact on the ability of the security industry to identify many of these advanced attacks. According to McAfee, in 2014 security vendors will add new threat-reputation services and analytics tools that will enable them and their users to identify stealth and advanced persistent threats faster and more accurately than can be done today. Big Data analytics will allow security practitioners to identify the sophisticated advance evasion technique attacks and advanced persistent threats that can disrupt mission critical business processes. The security firm also expects commercial companies will become more effective and more aggressive in tracking consumers by analyzing their growing pieces of big data.
McAfee Labs in its another annual 2014 Predictions Report expects to see increase attacks of ransomware aimed at mobile devices as more business shifting to mobile and the expansion of BYOD trend.