New cyber threats expose the limitations of legacy approaches to cyber defense: Android apps are shown to be vulnerable to modification in ways that don't break their digital signatures. New APT attacks camouflage themselves by using trusted cloud services as vectors. Finally, criminal organizations have begun making defense prohibitively expensive by increasing victims' analytical labor.
Legacy protective measures remain important, particularly against commodity criminal malware (witness repurposed spam and ten-dollar denial-of-service offers), but sophisticated obfuscation enables capable attackers (a growing crowd) to evade signature-based defenses.
Effective defense increasingly requires highly skilled reverse engineers, who are both relatively scarce and pricey. The future seems to lie with automating detection, analysis, and reverse engineering: compare other disruptive technological advances that make expertise available to non-experts. (Probably better for an enterprise to improve its analytical game in-house than hire those "cyber mercenaries" the UK is warning about, too.)
There are those who would forgo defense for counterattack, and tools for active defense are appearing.
Forbes questions big data's security utility: it likens the big-data approach to finding a needle in a haystack by adding more hay.
PRISM fallout at week's end includes reports of cooperation with surveillance by Microsoft and Telstra. Yahoo wants FISA records opened to show its good-faith efforts to protect customers' privacy. DEFCON disinvites "Feds," which draws a decidedly mixed industry reaction. (Feds remain welcome at Black Hat.)
As US-China talks continue, US President Obama expresses "disappointment" with China's failure to extradite Snowden. Estonia's President Hendrik tells the EU, in effect, to get over PRISM.