Cyber security risk to open source apps set to soar in 2015

News
By
published

Trend Micro predicts uptick in attacks on open source apps next year, in the wake of Heartbleed and Shellshock

Open source

The coming year will see cybercriminals increasingly harness the anonymity of the dark net to pedal malware and organise attacks, Trend Micro has warned.

The security vendor made the prediction in its latest report, which sets out how the threat landscape is anticipated to evolve in 2015.

In anticipation of this uptick in the dark net's use, the report says law enforcers and IT security firms will need to adjust their approach to tackling cybercrime accordingly.

"As the bad guys move deeper into the web, security firms and law enforcers need to extend their reach as well to cover the Deep Web and darknet services," the report states.

"This will require greater effort and investment... [and] lawmakers worldwide, meanwhile, need to agree on what constitutes cybercrime to aid enforcers, regardless of jurisdiction, to bring the bad guys to justice."

The report also warns users of open source apps and technologies to prepare themselves for a further onslaught of attacks aimed at exploiting vulnerabilities found in them over the coming year.

This comes on the back of the Heartbleed and Shellshock IT security scares that emerged in 2014, which were heavily exploited by hackers despite being undetected in the software for many years.

"Attackers will continue their search for seemingly dormant vulnerabilities like Heartbleed and Shellshock in the coming years," the report warns.

"They will keep tabs on oft-forgotten platforms, protocols, and software and rely on irresponsible coding practices to get to their targets."

Furthermore, cybercriminals will become increasingly compelled to target open source platforms as makers of proprietary operating systems and software continue to tighten up the security of their software.

"Continuous security improvements in Microsoft Windows and other big-name operating systems will lead to a decline in [the] number of vulnerabilities [found in them]. This will push attackers to instead focus on finding vulnerabilities in open source platforms and apps," the report continues.

"Individuals and organisations can, however, stay protected by regularly patching and updating their systems and software."

Caroline Donnelly
Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.