Most Companies Lack Infrastructure to Combat the Biggest Cyber Threats

As of now, one of the fastest growing security threats to individuals and organizations are the advanced cybercriminal assaults, according to the findings of the latest 'CSO 2010 Cyber Security Watch' survey.

This survey was conducted in 2009. 523 IT and security managers, top-level executives and law enforcement personnel who were surveyed identified the hackers as the main threat. Insiders and foreign bodies were the other major threats.

According to Rich Baich, author of the survey's report, cybercrime menaces to organizations are increasing much faster than companies can tackle them, as per the statement published by the theinquirer.net in the last week of January 2010.

The survey claimed that when it comes to deal with the determined cybercriminals, corporate houses are completely unaware.

Furthermore, the report also features that attackers are becoming very smart, and are using more refined viruses, malware, and techniques that have surpassed conventional security models and various modern signature-based detection techniques.

According to the survey, it appears that the cybercriminals reinvest parts of their significant profits so as to develop new capabilities to evade current security technologies. In fact, even big antivirus purveyors find it tough to match the level of new malware in the wild.

The most worrying fact is that as cyber assailants develop more innovative and sophisticated threats, this gap will simply increase, said Baich.

Furthermore, various crooks and malware creators are specially hired by cybercriminals to provide them the capabilities, products, skills and "outsourced" services. These consist of identity theft, stealthy access to systems, acquisition and storage of data, identity authentication, botnets, misdirection of communications, keystroke identification, etc.

As a result, organizations are required to understand the gravity of threats to processes, data, and tools. Baich suggested that the organizations need to move to a risk-based system from a security-based approach.

The survey also found that by means of social engineering techniques, cybercriminals can now easily target the end users - the weakest link in most security models. Experts said that this definitely needs consideration as attacks made through social engineering techniques are continuously mounting.

The study also reveals a probable connection between cybercrime and threats like industrial espionage, foreign intelligence services and terrorism.

Related article: Most Malware Use File Packing To Escape Detection

» SPAMfighter News - 2/25/2010