Originally published on December 7, 2016
This is the second post in a three-part Blog series on Network Security
Emerging Threats: Timeline and Lifecycle
Contemporary and future threat landscapes are dynamic and often include unforeseen technological advances. Devices and applications are under development and appear on the market at more rapidly—and with those new technologies come new threats. Not only companies and organizations, but individual users of less expensive technology such as smartphones, tablets, and laptop computers who are novices where information security is concerned must deal with optimizing their devices and applications while blocking potential threats. With the explosion of social media as the primary source of connectivity for so many people internationally, addressing the hidden threats from social media sites is a continuing challenge…and more cross-platform sharing and integration will continue to make device and network security an evolving challenge at all levels.
The intensifying threat landscape is driving organizations to add additional security to protect networks. There were nearly 80,000 security incidents with 2,122 confirmed data breaches reported in 2014. 700 million records were lost, representing about $400M in financial losses to organizations. In 2014, about 170 million malware events occurred where 70-90% of malware was unique to individual organizations—in other words, targeted attacks. The average loss for a breach of 1,000 records ranged from $52K to $87K and the average loss for a breach of one million records ranged between $892K up to $1.77M.
The Threat Timeline
The early days of personal computer availability to consumers and the advent of the Internet and Worldwide Web are behind us. These events were followed by the parallel development of more powerful hardware appliances and more complex applications for those machines. Unfortunately, with those developments also came a thriving developmental path for malware and other methods by which to breach system and network security to obtain data from or deny use of targeted platforms.
Figure 3. Threat Evolution
The threat vector is a dynamic process, with each stage of technology development being accompanied by a near-concurrent development of threats by which to exploit that technology. With a broad distribution of enterprise networks, increasing the need for access to networks and data by mobile users—both business and private, the data center has become the hub of modern global networks, e-commerce, and personal data management. From early direct attacks by hackers to modern and advanced persistent threats, the threat timeline continues to expand—necessitating continued evolution of network security measures.
The Threat Lifecycle
As the sophistication of computer network attacks developed, strategies evolved from direct attacks to the employment of strategic, patient, more complex approaches to computer network intrusion and exploitation. Along with this threat evolution came background and remote threats to computers and networks from seemingly innocuous sources, such as malware embedded in legitimate Internet links or files. With these threats, the lifecycle runs from reconnaissance of potential targets and manufacturing of the method or malware to an endpoint of receiving the desired data or effect and exploiting the results.
Cybercriminals are creating customized attacks to evade traditional defenses, and once inside, to avoid detection and enable egress of valuable data. Once inside the network, there are few systems in place to detect or better still protect against APTs. It can be seen from the threat life cycle (illustrated below) that once the perimeter border is penetrated, the majority of the activity takes place inside the boundary of the network. Activities include disabling any agent-based security, updates from the botnet command and control system, additional infection/recruitment and extraction of the targeted assets.
Figure 4. The Advanced Persistent Threat Lifecycle
Addressing Emerging Threats: Network Security Evolution
Trends in information technology development and employment over the last 15 years have led to a need to rethink the methodology behind modern network security. To further exacerbate this challenge, these trends occurred simultaneously across major industries, all levels of business, and personal consumer environments.
How Network Security Fits In
The early days of personal computer availability to consumers and the advent of the Internet and Worldwide Web are behind us. These events were followed by the parallel development of more powerful hardware appliances and more complex applications for those machines. Unfortunately, with those developments also came a thriving developmental path for malware and other methods by which to breach system and network security to obtain data from or deny use of targeted platforms.
Figure 5. Network Security vs. Network Threats
The evolution of network security necessarily followed the evolution of threats to the network. From the early days of simple, direct attacks to modern threats that include complex, indirect, and coordinated attacks, security development continues to counter new and future threats. The steps in network security evolution are depicted in the following figure, overlaid with threat evolution.
________________________________
Next week will be the final part in the series: Protecting the Future
________________________________
Learn More!
Network security certification training is a core competency of Dynamic Worldwide Training Consultants, offering training through internationally-recognized names such as EC-Council, Juniper Networks, and Fortinet Network Security. Check certification program and course offerings at http://www.DWWTC.com or call for a free, no obligation consultation with a Dynamic Worldwide Training Consultants advisor.
________________________________
Figures 3 through 5 adapted from Fortinet, Inc. Network Security Expert – Level 1 curriculum. Dynamic Worldwide Training Consultants is a Fortinet Premier Authorized Training Center.