Joint Working by IT Security Groups could Beat Cyber Threats

IT security professionals could well join their resources and co-operate to effectively combat the growing security attacks converging on enterprises, according to Symantec's new bi-annual threat report.

The report describes criminals' assaults as multi-staged attacks in which criminals combine their assets and use sophisticated methods incorporated in different forms. The report further added that they also use a number of ready-made toolkits traded in the underground market like MPack, which consists of spam, malicious code and exploits to manipulate browser vulnerabilities.

The report also warns that through legitimate sites like Facebook and MySpace, criminals launch targeted attacks on users' PCs. Commercial software are also available on the market, which criminals use to attack Websites, said the report. The report points out the existence of online discussion forums where information enabling ID thefts are being traded. It added that such attacks now belong to the criminal industry worth billions of dollars.

At the time when these kinds of threats prevail, security teams that were traditionally divided in managing different responsibilities like desktop protection, anti-spam, server security and others, must now share information, said Guy Bunker, chief scientist with Symantec. Vnunet.com published Bunker's statement on 17 September 2007.

Bunker further added that cyber attacks are getting increasingly sophisticated and multiple threat mediums are bundling together. People should realize the importance of security and how a grave attack could tarnish the brand of a software product.

But according to Andrew Kellett, analyst of Butler Group, many enterprises haven't collaborate with teams as they have been using purchased point products for years. Vununet.com reported this on 17 September 2007. There are not many enterprises with properly defined procedures and roles for most favor a firefighting kind of approach, Kellett added.

Donal Casey working with IT consultancy Morse suggested that an approach of storing security procedures could put companies at risk. He further said that if organizations combine their efforts towards defense, only then they would be better able to steer away from attacks that aim to steal information and money and cause networks to collapse with the result that wreak havoc on business operations. Vnunet.com reported this on 17 September 2007.

Related article: Jeanette’s Hotmail Sends Scam E-Mail

» SPAMfighter News - 10/3/2007