|Report: Emerging Cyber Threats 2013|
|The year ahead will feature new and increasingly sophisticated means to capture and exploit user data, as well as escalating battles over the control of online information that threatens to compromise content and erode public trust and privacy. Those were the findings announced by the Georgia Tech Information Security Center (GTISC) and the Georgia Tech Research Institute (GTRI) in today's release of the Georgia Tech Emerging Cyber Threats Report for 2012. |
It's an interesting report, and well worth a read. The Cloud, Supply Chain, Mobile, and Search Poisoning are a few of the threat highlights.
Professor Wenke Lee, Director of GTISC:
|"If you compromise a computer, the victim can always switch to a clean machine and your attack is over," "If you compromise a user's search history and hence his online profile, the victim gets the malicious search results no matter where he logs in from." |
Georgia Tech Emerging Cyber Threats Report for 2012 [gtsecuritysummit.com]
This thread and the report deserve much more attention than they've gotten.
Note that reading the pdf report at a decent font size involves some side-scrolling on all but very large screens, but the report is well-written, fairly brief, and definitely worth a read. It leads to numerous side areas also worth exploring. The overview it presents is striking.
- Information manipulation gives attackers the ability to influence what a victim sees on the Web in a way that survives cleaning the client machine.
- The act of personalizing search results and news feeds leads to a narrowing of viewpoints, a form of automated censorship.
- Attempts to increase the uptake of a given viewpoint can be detected based on certain characteristics.
On the same landing page linked to above, there's also a Georgia Tech Cyber Security Summit video, which unfortunately is 164 minutes long. It may take some real dedication to go there. It's very well produced, though, with excellent content in the sections I viewed, and you can jump through it to pick up various discussions.
Note that there's a semi-parallel thread in the WebmasterWorld Google Search forum, deriving from an article which reports on the above pdf...
Attackers to Exploit Search Personalization, Supply Chains