Future of internet security seen as "perpetual arms race"

- Wednesday, August 17, 2011

Future of internet security seen as

Hacker attacks are expected to take place more often and be more destructive, leading to a "perpetual arms race" between companies/users and cybercriminals, according to Gartner research VP Joseph Feiman, an expert in the study and development of internet security solutions.

The expert believes the arms race is the most likely out of four possible scenarios.

Other scenarios involve a "software engineering" reality, where there would barely be attacks. In this case, software, programs and systems would be sold totally security built, with technologies preventing all possible types of attacks.

Start your 15 day free trial now!

cta-arrow

Already a subscriber? Please, login

A second would be what he called an "impossible and unrealistic" scenario of "security nirvana," where no attacks are coming from hackers.

In a third, more pessimistic scenario, the hackers would win, creating "chaos." But Feiman said this is equally unlikely to happen.

In the arms race scenario, counter attacking solutions will get better and more efficient to respond to more frequent, invasive and sophisticated attacks.

PATTERN OF ATTACKS

Feiman believes there has been a clear change in the pattern of hacker attacks along the years. He said that instead of millions of disperse attacks, hackers have moved to targeted and concentrated ones, working for months to develop a single strategy to breach bank accounts and pages.

The attack's objectives have also changed. From fame to mere vandalism, this sort of activity has become a business, he said. "The hackers look for financial and economic gains," the executive said during a Gartner conference on cloud computing in São Paulo.

EMPLOYEE MENACE

Feiman also highlighted that companies' own employees are a very powerful and underestimated source of attacks - in particular, those who deal with IT solutions.

He said companies must have technologies to protect them from their own developers and an internal policy of different data layer assessment.