STONESOFT OYJ : Top security threats in 2013

Stonesoft predicts in 2013 the world will experience
more unseen and unknown targeted cyber attacks, espionage and hacktivism

Helsinki, Finland 2012 - December 13, 2012 - With 2013 just around the corner, it is time for IT security experts to reflect on what has been, gaze into their crystal ball and predict what is yet to come. Below are network security vendor Stonesoft's top six predictions around the threats that we will be seeing in 2013.

"I believe in 2013 the security of the digital world will become even more dominant. It is the security trend which is growing most rapidly at the moment and its importance will just continue to grow in the future. This means there is also an increasing need and pressure to think about international norms, rules and regulations", says Jarno Limnéll, director of cyber security at Stonesoft.

"As nation-states continue to invest heavily in cyber capabilities (defense and offense), it is also likely that they will be more inclined to use these capabilities and the use of "cyber force" in the world will increase. This may have severe consequences - in particular with regard to unpredictable side-effects. A single attack can spread rapidly around the world, even by a mistake. There is a myriad of players who are investing immense resources to change the cyber reality", Limnéll continues.

With over 20 years of experience in network security, Stonesoft's predicts:

1.    The world will experience more targeted cyber attacks. The development of highly sophisticated malware by state-sponsored organizations has the potential to radically affect the speed at which the wider threat landscape evolves. Cyber threats will become more unpredictable than ever before.

2.    Espionage by nation-states will continue to rise. In 2012 we saw botnets and malware silently send the whole contents of the user's hard drive to a control machine. This will continue to be a problem in 2013. The protection of critical national infrastructure will continue to be an extremely important aspect of cyber security.

3.    Hacktivism will grow and become increasingly relevant and dreaded - in particular, it will become more aggressive and its means and impact will become more powerful. At the same time, the role of non-nation players will become more important, in particular with respect to expertise, not just resources.

4.    We will see even more advanced evasions techniques (AETs) being used against organizations and governments. As security technologies and the overall capability to catch cyber criminals and hackers improve, they will invest their "R&D" resources in developing increasingly sophisticated and stealthy attack delivery technologies to improve their ROI.  The most worrying part of this is that current security technologies are not capable of stopping AETs and the targets will remain unaware that they have been attacked.

5.    In 2012 we heard about a lot of vulnerabilities in closed source enterprise applications such as Oracle, SAP and SCADA. These applications contain business critical data and are highly valuable targets for intruders. This will continue to be a problem in 2013.

6.    Android will continue to be targeted by hackers. The platform provides an attractive environment for malware and hackers will take advantage of this.
It is likely we will see the first global consumer brand go bankrupt as a consequence of a cyber- attack that ruins its reputation and customer confidence.
              
"As the cyber capabilities of various players around the world increase and we will see more and increasingly sophisticated targeted attacks, traditional security systems are no longer able to provide sufficient protection", says Ville Hämäläinen, Director, R&D at Stonesoft.

"To defend themselves against today's cyber threats, organizations need to make the leap from traditional, reactive security against known threats to proactive cyber defense and offense capabilities and readiness against "unknown unknowns" in order to increase operational resilience, Hämäläinen continues.

For more details, please contact:

Jarno Limnéll
Director, Cyber Security
Stonesoft Corporation
Tel. +358 40 527 6173
E-mail: jarno.limnell(AT)stonesoft.com
Twitter: @JarnoLim

Ville Hämäläinen
Director, R&D
Stonesoft Corporation
Tel. +358 40 700 6855
E-mail: ville.hamalainen@stonesoft.com:
mailto:ville.hamalainen@stonesoft.com

About Stonesoft

Stonesoft Corporation (NASDAQ OMX: SFT1V) delivers software based, dynamic and customer driven network security solutions that secure the information flow and simplify security management. The company's product portfolio consists of the industry's first transformable Security Engine:
http://securityengine.stonesoft.com/, standalone next generation firewalls and intrusion prevention systems, and SSL VPN solutions. At the core lies Stonesoft's Management Center which unifies the management of entire networks.

Stonesoft serves private and public sector organizations requiring high availability, ease of management, compliance, dynamic security and protection of their critical digital assets and business continuity against today's rapidly evolving cyber threats. Stonesoft is a recognized researcher of advanced evasion techniques used in targeted cyber attacks to bypass security.

Stonesoft has the highest customer retention rate in the industry due to low TCO, ease of management, and overall customer excellence. Stonesoft's customer base covers more than 6,500 mid- or large-sized organizations across various industries and geographical markets.

Founded in 1990, the company's track record is well recognized by certifiers, industry analysts and demanding customers. The company's corporate headquarters are based in Helsinki, Finland and North American headquarters in Atlanta, Georgia. For more information, visit www.stonesoft.com:
http://www.stonesoft.com/.