Blended Attacks Chief Online Security Threat for Enterprises
According to Websense, a security firm, enterprises' most severe online security risk is from blended threats.
Commenting on the problem, Vice-President of Product Management at Websense, Devin Redmond, said that cyber-criminals are applying more and more attack techniques of various types in a blended form for theft of precious corporate data, as reported bycomputeach.co.uk on March 15, 2010.
According to Redmond, security experts are required to come out with new methods for defense against the blended assaults. He suggested that they must examine all inbound and outbound contents.
Notably, the expert said that in a typical way, cyber-criminals might send a personalized or targeted e-mail, posing as a message from someone familiar with an implanted Web-link, linking up with a malicious site. The site usually drops a data-stealing Trojan, which transmit data with the help of an encrypted program.
Therefore, the method of stopping some specific kinds of e-mails or collaboration mediums such as Twitter, Facebook or cloud-based utilities wasn't a feasible approach. In other words, it wasn't a full-proof and viable option towards making sure that an organization was secured, the expert observed.
Also, according to Redmond, it wouldn't have been intricate to prevent the December 2009 online assaults on Google if an all-inclusive filtering mechanism was used. The attacks were considered highly sophisticated on any organization, and ones that had a commercial impact. Same can be said for other 20 organizations, which too received the blows.
Remarking about this issue, the expert stated that a proper monitoring and assessment of both inbound and outbound data could help organizations identify and prevent data loss more easily, according to a statement published bycomputerweekly.com on March 15, 2010.
Product Director of security-as-a-service at the security firm, Jonathan Wilkinson also expressed his views against blended attacks. He noted that during the end-week of February 2010, cyber-criminals are focusing their efforts elsewhere. Now, they are not simply disabling a company's infrastructure, they are also acquiring illegitimate admission into its sensitive data, as reported by Itweb.co.za during the end-week of February 2010.
Finally, while Websense spreads caution, the company's December 2009 prediction that blended assaults are expected to increase during 2010 appears to prove right.
» SPAMfighter News - 23-03-2010