Published on the 21/01/2010 | Written by Newsdesk

Hacking will become a more potent threat over the new decade as criminals evolve illegally accessing computers into an industry, according to data security firm Imperva.

Imperva predicts five key security trends for the 2010s:

• The industrialisation of hacking, with clear definition of roles developing within the hacking community forming a supply chain that starkly resembles that of drug cartels. The weapons of choice will be automated tools such as malware distributed via botnets.
• A move from application to data security as cyber-criminals look for new ways to bypass existing application security measures and focus on obtaining the valuable data itself via insider. The fast growth in the number of applications that access enterprise data pools will make application security approaches much less cost effective than a security approach that is data centric.
• Increasing attacks on social network sites where vulnerable and less technically savvy groups are susceptible to phishing attacks and malware.
• An increase in password theft/grabbing attacks as it is perceived that by obtaining credentials for one application – like an email account – these will also apply to other applications such as online banking and Paypal accounts.
• A move from reactive to pro-active security as organisations move from sitting back and waiting to be breached, to actively seeking holes and plugging them.

Amichai Shulman, Imperva’s chief technology officer, advises application owners to tackle these trends head on.

“Organisations that are serious about protecting data will require a mind change to taking action at the source, utilising a number of technologies including a data-based firewall combined with data and file activity monitoring. Plus the next generation of DLP products are heading in a promising direction,” he says.

“I see automation as a major issue and technical measures will be needed to combat this trend. Organisations must look to integrate their protection tools with pro-active security measures, admittedly not readily available today. The security community is currently developing solutions that will become widely available over the next few years. The next decade must see the IT security industry rise up and stand shoulder to shoulder if it is to win the fight against cyber-criminals.”