A Primer

5 PREDICTIONS FOR 2013 AND BEYOND

WHAT SHOULD SMBs LOOK OUT FOR?

For small and medium-sized businesses (SMBs), the future looks diverse.

Organizations are no longer limited to using PCs or even laptops. Mobile devices, such as smartphones and tablets, are fast becoming part of the SMB workplace. With the increased availability of cloud services, business applications no longer need to be on-site to address various business needs. The variety of available technology allows SMBs to cherry-pick solutions that best fit their working environment.

However, the expansion of operating systems (OSs), platforms, services, and devices also means that employees are going to have a harder time managing security in the workplace. Take a look at the five things that businesses should look out for in 2013 and the years to come.

Multiple computing platforms and devices in the workplace will lead to multiple “working environments”. Securing these devices will be more complex and difficult than most users think. Work used to be done on one device—usually, a PC running on Windows. The advent of mobile devices, such as smartphones and tablets, means that people can easily work from a multitude of devices, often their own. Based on a Trend Micro-sponsored Forrester study, 60% of businesses employ bring-your-own-device (BYOD) programs for smartphones and 47% for tablets and laptops.1

Using multiple devices for work requires additional security measures. Each platform requires different steps to secure it. Businesses that allow BYOD may find it challenging to create a comprehensive set of security guidelines, especially if employees have free reign over selecting their devices. And as online activity now occurs in apps, it is also harder to give accurate advice on security issues; with each app having its own distinct look and feel.

1 http://www.trendmicro.com/cloud-content/us/pdfs/business/white-papers/wp_forrester_measure-value-of-consumerization.pdf

Data breaches will remain a threat whether or not data is stored in the cloud.Data infrastructures—in the cloud or not—will be targeted by attacks as a means for threat actors to gather sensitive data. This merely continues the trend of data breaches, with more than 81% of organizations having suffered at least one data breach over the past two years.2

Data security is major concern for SMBs. But as they move their sensitive data to the cloud, an on-premise security solution might be ineffective in a cloud-based environment. A Microsoft study shows that half of SMBs may reconsider migrating apps to the cloud3 due to data privacy concerns.

Concern over security in the cloud is not unfounded, given that SMBs use cloud services for communication and information management (email hosting and data backup).4 IT administrators and business owners have to ensure that their cloud security solutions are adequate to this task and are backed by industry standard SLAs (service level agreements).

2 http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt_trend-micro_ponemon-executive-summary-smb.pdf

3 http://www.microsoft.com/en-us/news/presskits/telecom/docs/SMBCloud.pdf4 http://www.spiceworks.com/news/press-release/2012/05-08/

Cybercriminals will heavily abuse legitimate cloud services.For cybercriminals, cloud computing is merely another technology to abuse. Facebook, Twitter, and blogs have been used to transmit commands from command-and-control (C&C) servers. Google Docs, Dropbox, and Pastebin were also used as drop zones for stolen data.

Cybercriminal activity in cloud services can affect SMBs in two ways. Similar to what happened with Megaupload, cloud services may be involved in legalities that result in SMBs losing access to their data.5 SMBs may also find it hard to block malicious activity since it may occur within legitimate cloud services. For instance, a legitimate file locker service was once used to host malware in a spam run that spread via Skype.6 Cloud services may do their part in getting rid of the malicious activity but this will not stop cybercriminals from abusing the services for illegal activities.

5 http://arstechnica.com/tech-policy/2012/01/megaupload-shut-down-by-feds-seven-charged-four-arrested/6 http://blog.trendmicro.com/trendlabs-security-intelligence/skype-messages-spreading-dorkbot-variants/

The volume of malicious and high-risk Android apps will hit a million in 2013.SMBs are now going mobile. A poll conducted by AT&T says that 85% of small businesses use smartphones for work.7 Mobile app usage is also on the rise, with 30% of small businesses using mobile apps for their business. This finding is similar to that of a study done by the Small Business and Entrepreneurship Council, which states that 31% of small businesses use apps on a mobile device.8

But the move toward mobile is not without risks. The number of malicious and high-risk Android apps was projected to reach at least 350,000 by the end of 2012. The likelihood of a threefold increase by the end of 2013 is broadly in line with the growth of the OS itself. Aside from increasing in number, Android malware are becoming more sophisticated. While Google has made efforts to improve the security of the platform, these alone will not lessen the appeal of Android to cybercriminals.

7 http://www.att.com/gen/press-room?pid=22394&cdvn=news&newsarticleid=338658 http://www.sbecouncil.org/uploads/Mobile%20APP%20Final%20Report%20SBE%20Council.

pdf

Conventional malware threats will only gradually evolve, with few, if any, new threats. Attacks will be more sophisticated in deployment.Malware developers will not focus on developing new threats as they already have a wide combination of tools to achieve their goals. Instead, they will focus on refining existing tools or responding to security vendors’ efforts. For instance, the Blackhole Exploit kit (BHEK) 2.0 is a response to the successful efforts in detecting BHEK 1.x spam.9

They will also focus on crafting attacks that reach intended victims without arousing suspicion. Cooperation among different groups in the cybercriminal underground will also become more commonly seen. They will develop and focus on specialized expertise, attacks, and targets.

SMBs may be hit hard by these refined malware threats and attacks as they are viewed as “easier targets” compared to larger organizations. This perception is partly because SMBs often lack the budget for an IT team or department dedicated to maintaining security.10

9 http://blog.trendmicro.com/trendlabs-security-intelligence/ blackhole-2-0-beta-tests-in-the-wild/

10 http://about-threats.trendmicro.com/smb-primers/small-business-is-big-business/

Some of the popular brands spoofed in BHEK

spam runs include Amazon, the Better

Business Bureau, FedEx, LinkedIn, PayPal, and

Verizon Wireless.

* http://blog.trendmicro.com/trendlabs-security-intelligence/same-operation-diversification-of-targets-being-spoofed-current-black-hole-exploit-kit-spam-runs/

WHAT YOU CAN DO TO HELP YOUR SMALL BUSINESS PREPARE FOR 2013?

Cybercriminals and attackers will always find ways to take advantage of the technological landscape to victimize businesses. SMBs should adopt security practices to fully protect their assets.

business remains as usual.

• Install security solutions on mobile devices. Using a security solution for mobile devices ensures that the device and its data are protected from malware and other threats. Additional features like remote wipe add another layer of security as data can be erased when the device is lost or stolen.

• Be on the lookout for social engineering. It only takes a click to make your business vulnerable to different attacks and threats. The latest security intelligence can help you and your employees learn about possible scenarios or modes of attack that cybercriminals may use against your organization.

• Protect against spam and malware. The constant refinement of malware means that they remain a serious risk to any organization. Using effective anti-malware solutions can protect businesses from anyone with malicious intent.

• Size doesn’t matter. SMBs should keep in mind that they are not above being targets of cybercriminals and attackers. SMBs should remain vigilant about protecting their devices, their networks, and their data.

• Prepare for BYOD-related threats. Multiple devices and platforms in the workplace require a comprehensive BYOD policy that lists down guidelines for all devices used by employees. The policy may also specify the devices that will be supported by the organization.

• Make data security a priority. Educate employees about the importance of securing sensitive or confidential data.Implement security policies that list down recommended safety practices such as the use of strong passwords and recognizing phishing emails. Employees should exercise caution when browsing the Web and downloading applications.

• Have a backup plan for your cloud. Research about cloud services before adopting them. What are the terms of service? Do they have contingencies in case of service disruptions? Prepare a backup plan in case of power outages and other service disruptions to make sure that

To know our security predictions for the year,

read “Security Threats to Business, the Digital Lifestyle,

and the Cloud: Trend Micro Predictions for 2013 and

Beyond.”

TREND MICRO™

Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cloud secu-rity leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for busi-nesses and consumers. A pioneer in server security with over 20 years’ experience, we deliver top-ranked client, server and cloud-based security that fits our customers’ and partners’ needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro™ Smart Protection Network™ cloud computing security infrastructure, our products and services stop threats where they emerge—from the Inter-net. They are supported by 1,000+ threat intelligence experts around the globe.

TRENDLABSSM

TrendLabs is a multinational research, development, and support center with an extensive regional presence committed to 24 x 7 threat surveillance, attack prevention, and timely and seamless solutions delivery. With more than 1,000 threat experts and support engineers deployed round-the-clock in labs located around the globe, TrendLabs enables Trend Micro to continuously monitor the threat landscape across the globe; deliver real-time data to detect, to preempt, and to eliminate threats; research on and analyze technologies to combat new threats; respond in real time to targeted threats; and help custom-ers worldwide minimize damage, reduce costs, and ensure business continuity.

©2012 by Trend Micro, Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro, Incorporated. All other product or company names may be trademarks or registered trademarks of their owners.