Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Commercial Cyber Crime Tool Availability Increases Threat Level During 2011

Sophos : 26 January, 2012  (Technical Article)
Sophos reveals the results of its threat survey and report for 2012 with increases in cybercrime over the last year in evidence and 61% of people seeing user error as the greatest threat
Commercial Cyber Crime Tool Availability Increases Threat Level During 2011
IT security and data protection company Sophos has unveiled its latest Security Threat Report 2012, a detailed assessment of the threat landscape – from hacktivism and online threats to mobile malware, cloud computing and social network security, as well as IT security trends for this coming year.  The full, ungated report is available for download from the Sophos website.  

A Sophos poll, conducted online at the end of 2011, surveyed more than 4,300 global respondents about today’s biggest threats on the internet. Key findings from the research include:

* 61 percent feel that the biggest threat on the internet is users not doing enough to protect themselves
* Nearly 20 percent believe social networking scams are the top threat
* 67 percent think that malware is on the rise compared to in 2010

Year in review: under attack

2011 was characterised by a rise in cybercrime.  The availability of commercial tools designed by and for cybercriminals made mass generation of new malicious code campaigns and exploits trivial and scalable.  The net result was significant growth in the volume of malware and infections.  Cybercriminals also diversified their targets to include new platforms, as business use of mobile devices accelerated.  Politically motivated “hacktivist” groups took the media spotlight, even as the more common threats to cyber security grew.

Hype over hacktivism

In 2011, the emergence of LulzSec and Anonymous marked a shift from hacking for financial gain to hacking as a form of protest.  Hacktivists sowed chaos by leaking documents and attacking websites of high-profile organisations and even defence contractors.  LulzSec dominated headlines in the first half of the year with attacks on Sony, PBS, the U.S. Senate, the CIA, FBI affiliate InfraGard and others, and then disbanded after 50 days.

Risky business

Increasingly, corporate users weren’t just at home or at work, but somewhere else on the “everywhere network.”  And the consumerisation of IT, sometimes called “bring your own device” or BYOD, became one of the newer causes of data vulnerability.  Employees accessed sensitive corporate information from their home computers, smartphones and tablets.  Moreover, corporate-issued mobile devices increased risk, as did the rise of cloud services and the use of social media.

According to the Sophos online poll, which asked users if their company allows personal laptops, desktops or phones for work, nearly 50 percent of respondents said yes.  Another 10 percent who said their company doesn’t allow personal devices for work preferred they did.

Changing web threats and drive-by downloads Cybercriminals constantly launched attacks designed to penetrate digital defenses and steal sensitive data.  Almost no online portal proved immune from threat or harm.  SophosLabs identifies an average of 30,000 newly-infected web pages each day.  More than 80 percent of these web pages are on innocent web servers, which have been hacked by cybercriminals to make them part of the problem.

Additionally, 85 percent of all malware, including viruses, worms, spyware, adware and Trojans, comes from the web, according to the Ponemon Institute.  Today, drive-by downloads have become the top web threat, and in 2011, one crimeware kit, known as “Blackhole,” rose to the number one on that list.

In the Sophos online poll, users were asked about the prevalence of malware compared to 2010; 67 percent of respondents felt it was on the rise.

OS oh my! And the emergence of Mac malware Microsoft Windows may be the most attacked operating system (OS), but the primary vectors for hacking Windows have been through PDF or Flash.  Despite Microsoft’s regular updates to patch Windows OS vulnerabilities, the content delivery systems remained the largest vulnerability on any OS.  In 2011, the emergence of malware for the Mac upstaged Windows malware.  There's no doubt that the Windows malware problem is much larger than the Mac threat, but the events of 2011 show Mac users that the malware threat is genuine.

Top trends

There are many factors that will impact the IT security landscape this year and into the future. These include new attacks using social media platforms and integrated apps, more targeted attacks on non-Windows platforms, and mobile payment technologies under threat, among others which are highlighted within the report.

“As cybercriminals expand their focus, organisations are challenged to keep their security capabilities from backsliding as they adopt new technologies,” said Mark Harris, vice president of SophosLabs, Sophos.  “And as we continue to access information in different ways, from different devices in different locations, security tools must be able to ‘protect everywhere’ – from desktops to mobile and smart devices and the cloud.  But more importantly and oft-disregarded, cybercriminals will continue to stalk the easiest prey – security basics like patching and password management will remain a significant challenge.”
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo