2010 Security Predictions from Zscaler - Page 2

2009 was the year that we learned the meaning of the word recession and looked to the cloud for answers.

 By Michael Sutton
Page 2 of 2   |  Back to Page 1
Print Article

6.) The arrival of financial DDoS attacks

Cloud-based services generally charge based on actual consumption. This provides attackers with incentive to hold enterprises hostage by artificially inflating costs. Unfortunately, cloud providers have little incentive to stop this practice.

7.) Poking holes in the cloud

My greatest hope for 2010 is that marketing departments will give the term "cloud computing" a well-deserved break. 2009 saw great interest in the development of cloud computing architectures and one must wonder how often security was sacrificed in order to get to market quickly. Expect attackers to devote time to poking holes in the APIs of cloud providers. When they're found, thanks to multi-tenant architectures, it will have been worth the effort.

8.) Clickjacking comes out of hibernation

Clickjacking roared onto the scene in the summer of 2008 when Jeremiah Grossman and Robert Hansen had their OWASP talk delayed at the request of Adobe. The sensational Web cam/microphone hack that drew media attention has been addressed, but the overall flaw still remains. Clckjacking can be a valuable tool in a social engineering attack and we've just begun to see it leveraged.

9.) Browser vendors finally start to take XSS seriously

I was very encouraged when Microsoft released IE 8 this year and it included cross-site scripting (XSS) protection. For all of the heat that Microsoft takes for security vulnerabilities, it continues to be a leader when it comes to adding innovative security features, and this is another example. I'm confident that other browser vendors have taken notice and will fall in line.

10.) Past Data Breaches will look like child's play

This is by far the easiest prediction to make. We've all been amazed by the staggering numbers of compromised accounts in the CardSystems, Heartland and TJX data breaches, but prepare to be blown away once again. After all, records were made to be broken. As memory becomes cheaper and power becomes more expensive, enterprises are looking to consolidate data storage and continue to build massive data centers and develop ever larger data stores thanks to cloud computing. The volume of data that can be stolen when adequate security controls are not implemented will be truly staggering.

This article was originally published on Dec 15, 2009
Get the Latest Scoop with Networking Update Newsletter