There are three Computerworld stories today Ihat should give you pause as you prepare for the holiday season.
The first is "Wireless growth in Asia leads to security woes". It documents the fast rising number of attacks on wireless networks in Asia that are growing much faster than those in fixed line countries. This is because Asia has a much more advanced wireless infrastructure than North America. Therefore, what you see happening in Asia will soon be arriving in Europe and then latterly North America where the wireless infrastructure is well behind.
The article briefly mentions layers of security but doesn't go into details. I believe that these layers must include network access control to quarantine any wireless device without proper patches, network authentication to the device MAC, reduced sign on with security policies requiring stronger authentication as the user drills towards applications from the wireless device than if they were inside the enterprise, reduced hard drives on the wireless device, monitoring of what is going out the firewall to the wireless device to prevent sensitive information leaving and finally transaction authentication around enterprise crown jewels.
The next article is "Breach at UCLA exposes data on 800,000". The article documents that attacks were going on sensitive databases, expressly looking for identity information, since October of 2005.
While universities have been targeted this way over the last few years, they are not alone. In an earlier blog, I documented that over 97 million US identities have been stolen since 2005. Now that number has grown by nearly another million from just UCLA alone. What can be learned from this?
All sensitive identity information needs to be encrypted on the database. Further, as in another blog covering the loss of Scotland Yard's own identities, encryption must be maintained when identity data is managed by non-enterprise employees as well as identity handling processes and audits. Finally, perimeter monitoring on information leaving the enterprise needs to be in place to detect sensitive identity data being exported out through the firewall.
Then there is the story " 'Rock Phish' blamed for surge in attacks". It documents how a group called "Rock Phish" is thought to be responsible for $100 million in losses against financial institutions from phishing attacks. The article describes the increasingly sophisticated measures the attackers are using. Perhaps even more telling was the fact that many researchers didn't want their names mentioned in the article out of fear from personal harm.
This last article is in my opinion the most worrying. It indicates the growing size of organized crime on the internet. Further, it also indicates the sophistication that organized crime is using to attack enterprises. While not mentioned in this article, I believe that this is due to the numbers of personnel organized crime is now bringing to bear to attack enterprises.
While you should indeed be celebrating the holiday season, you should also keep in mind that the next two years spell lots of trouble for IT departments and enterprise security. There is a big storm blowing in.