Fewer Security Vulnerabilities Exploited With More Malware
Several reports published prior to the Infosec 2010 Security Conference in UK during the 1st week of May 2010 revealed that businesses identified and experienced growth in cyber-crimes although the total number of vulnerabilities detected had declined. Two reports suggested that the reason for the growth was partially attributed to the outsourcing operations.
One report, entitled "Internet Security Threat Report 2010," was from Symantec. According to that, hackers were exploiting fewer security vulnerabilities with greater number of malware programs.
Another report also from Symantec entitled "State of Enterprise Security Report 2010" says that 75% of businesses surveyed suffered from one or another kind of online assault during 2009. This demonstrates that it's not just a small number of larger businesses that is affected with this problem.
Furthermore, there was a rise in the total number of signatures for malware that counted to 2.9 Million (up 71%) and accounted for 51% of the total number of signatures developed so far. Security vulnerabilities during 2009 conversely dropped 18% to a total of 4,501 from 5,491.
Among the main trends noticed during the year was a rise in targeted assaults against businesses, and the most preferred attack method for these were Web-based methods. Also, while targeted assaults often exploit zero-day security flaws or use social engineering for hijacking computer users on an organization network, the same tactics are used for hijacking home computer users too.
Meanwhile, Kevin Hogan, senior director of global security response operations at Symantec, stated that his company's research showed that outsourced IT was associated with security infringements. Computing.co.uk published this on May 4, 2010.
According to Hogan, a number of fairly reputed enterprises having perfect internal IT defenses had come under malicious attacks from their outsourced segments.
Another report entitled "2010 Information Security Breaches Survey" that PricewaterhouseCoopers published during the end-week of April 2010 contended that as UK businesses have become increasingly dependent on outside IT service providers, their exposure to cyber-attacks has also increased.
The poll discovered that bigger enterprises were subjected to attacks, in which 62% of the enterprises became infected with a malicious program or a virus during 2009, up from 21% in 2008.
Related article: Free Web Host Services: spammer’s bull’s eye
» SPAMfighter News - 14-05-2010