- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
CSO - If you're reading this, then the world hasn't ended per the Mayan calendar. But it still might be a good idea for those in the information security business to be wary of this time of year.
Jeffrey Carr, an author on cyberwarfare and founder and CEO of Taia Global, noted in a post on Infosec Island this week that he has noticed a major breach or act of cyber warfare that kicks off the New Year -- every year since 2009.
Carr calls it "The January Effect," a well-established term in the investment world that refers to an expected price rise in securities after the first of the year. The effect, he said, is viewed as an opportunity for the bad guys.
He listed four major events as evidence:
"It may start in December and then get publicized in January, or happen in January and get publicized a bit later but it has happened four years in a row now so I fully expect it to occur once again," he wrote.
Some other security experts say they don't dispute the events presented, but aren't sure they stand out as all that different from other major attacks during the rest of a given year.
"The facts are what they are," said Jody Westby, CEO of Global Cyber Risk. "What is missing is any comparison with other months of the year. Was January really that different? We have had so many high profile incidents, in part because they are now more openly reported and media picks up on them more."
John Prisco, CEO of Triumfant, agreed that there are major attacks at the beginning of the year, but said hackers never take a break. "If you look at the year-round nature of some of the major breaches in 2011 and 2012 -- Sony, Epsilon, Global Payments, SC Dept. of Revenue -- clearly, they didn't all happen in January."
Carr told CSO Online that while major attacks are ongoing, those he cited were unique. "Operation Cast Lead, which contained a military and a cyber component, is very rare," he said. And the two involving RSA and Symantec are unique because they happened to major security firms.
He said it makes sense that attackers would ramp up their efforts at this time of year because people are on vacation. "You've got second- and third-tier security people working, while those in the first tier are enjoying the holidays," Carr said.
There is agreement that holiday season vacations are a factor. "There are more people logging into company networks from home computers, which are not as secure as corporate computers, during the holiday season, and cybercriminals know that there are few IT staff working during the holiday," said David Nevin, vice president at TaaSera. "So, it's a good time to launch an attack. It's not really a January Effect, it's a Global Holiday effect."