Like most years, 2013 proved that some things in the computer security world never change: Java continues to be the most popular attack vector, Chinese APT owns most of the world's corporations, criminals swipe millions of customers' credit card info, and John McAfee is on the run again. Nonetheless, I'm happy to report that several welcome security developments in 2013 are likely to have lasting positive impact.
Security blessing No. 1: Privacy moves to the forefront
In what continues to be the biggest news story of the year, the NSA was successful in vacuuming up enough data to be declared as dangerous to liberty as APT. Every week a major new revelation of NSA snooping emerged, from the capture of cellphone metadata to the interception of data from cloud providers. You can be sure this show is not over, folks.
The entire world has grown tired of the NSA spying on everything and wants the pendulum to swing back toward protecting individual privacy. There's even a chance that Congress will act to rein in the NSA's ability to conduct sweeping audits. Either way, cloud providers are reacting faster than the bureaucrats and are encrypting customer data, at rest and in transit, to make eavesdropping harder. Privacy add-ons are popping up everywhere. How well your product or service protects your customers' privacy has become a key differentiator.
This is great news. Privacy protections were shattered in the wake of 9/11. Finally, people are saying enough is enough. The only real question is whether governments will stay engaged long enough to actually change the laws that allow wholesale spying on people not suspected of any crime.
Security blessing No. 2: Arrests and botnet takedowns proliferate
It's been a wonderful year for arrests of malware kingpins and takedowns of botnets. Many major botnets have been disrupted, including ZeroAccess, Citadel, and Bamital. Those successes followed a banner year -- 2012 saw a similar wave of botnet destruction.
Some experts say botnet takedowns make little difference, given the huge volume of nefarious activity. But the miscreants who were arrested might disagree, including a leader of the Reveton ransomware gang, Blackhole Exploit Kit creator "Paunch," several Carberp botnet leaders, three guys behind the Gozi Trojan, and Hamza Bendelladj, alleged co-creator of the SpyEye banking Trojan. All these takedowns and arrests not only made us safer, but even led to less spam reaching our mailboxes.
Sadly, it seems you still have to be a major crime kingpin or syndicate member to get arrested or taken down. Cyber criminals who make only a few hundred thousand dollars a year are likely to continue to enjoy their spoils for the near future. Let's hope we take the lessons learned from catching and prosecuting the big guys and use them to go after all malware creators and distributors.