All the latest UK technology news, reviews and analysis
|
|
|
14 Jul 2009
The latest security threat report from Cisco shows that criminals are targeting enterprises in ever more sophisticated ways.
Companies are coming under attack from business-aware criminals who are creating spam around major news events, such as swine flu, to gain access to company systems or persuade victims to visit malware-laden web sites.
Other threats include botnets, which are being rented out on a software-as-a-service basis, according to the report.
Social networking sites also came under fire, as they still create a feeling among users that links and downloadable content are always safe.
The recession and the threat of job losses, meanwhile, has led to a rise in disaffected workers who are much more likely to compromise corporate data.
"Securing the internet has long been a moving target, as criminals develop increasingly sophisticated ways to breach corporate networks and obtain valuable personal data," said Patrick Peterson, Cisco fellow and chief security researcher.
"What is striking in our latest findings is how, in addition to using their technical skills to cast a wide net and avoid detection, these criminals are also demonstrating some strong business acumen.
"They are collaborating with each other, preying on individuals' greatest fears and interests, and increasingly making use of legitimate internet tools like search engines and the software-as-a-service model. Businesses need to adopt ever more advanced ways to fight cyber crime and remain vigilant across all attack vectors."
Cisco will reveal more from its latest security report in a webcast to be shown from 16.00 BST.
Latest stories from Security
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
Orange and Intel talk us through the ins and outs of their San Diego smartphone
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Want to work for one of the most dynamic, creative environments...
Want to work for one of the most dynamic, creative environments...
Roc Search is currently recruiting for an Infrastructure...
Want to work for one of the most dynamic, creative environments...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Bribery will lead to even more internal threats
I am not surprised by this new evidence that insider threats are a growing concern. More users than ever before have access to sensitive data, not just IT or board level employees but day-to-day office workers, contractors and partners. The easiest way for criminals to get their hands on this sensitive data is not by hacking through firewalls, but by simply bribing someone within a company to get the information for them. Fired or laid-off employees know that their former employers are often slow to suspend access to accounts and disgruntled employees could easily cause harm through accessing, stealing and disseminating confidential information before all of their accounts are completely turned off. In a depressed economy such as we've seen over the past 18 months or so, the risk of insider theft has increased. Employees no longer feel a sense of loyalty to their companies and are more tempted by a quick buck than they would in a good economy. If they have been laid off, the temptation is even greater. Only yesterday, it was announced that unemployment had hit 7.6% - the highest rate in more than 10 years. Organisations need to recognise the growing insider threat highlighted in this research and build a strategy to understand where exactly sensitive information is being held, who has access to it, how they have access to it and why. In addition, they should automate the process to manage user access to this data so that when someone leaves the organisation, the system knows exactly what access they had and can immediately disable that access. Stuart Hodkinson, UK General Manager, Courion
Posted by: Stuart Hodkinson, UK General Manager, Courion 16 Jul 2009