Posts Tagged ‘sophos’

Sophos has released its mid-year Security Threat Report for 2009, which looks at cybercrime for the first half of this year. The report indicates that cybercriminals have increased the focus of their attacks on social networking sites and that hackers are increasingly using scare tactics to solicit users to pay for rogue anti-virus software.

The report indicates that cybercriminals are both exploiting social networks to identify potential victims and then using these networks to attack them. The report encourages Web 2.0 companies to defend their existing users, rather than focusing on growing their userbase at the expense of security standards.

In terms of business data, the survey indicates that two thirds of businesses are worried that information shared by employees online may put their corporate infrastructure at risk. Right now, a quarter of organizations have been exposed to spam, phishing or malware via social networking sites like Facebook, Twitter and MySpace.

Read more about, and download, the report here.

According to a new report from Sophos, two thirds of businesses fear social networking and its impact on corporate security.

Sophos conducted a poll in February 2009 with 709 respondents. Of those, 63% of system administrators worry that employees share too much information on their social networking profiles. They believe this puts the corporation, and its data, at risk (since cybercriminals have access to more information for identity theft, malware or spam). A quarter of the businesses had been the recipients of spam, phishing or malware attacks via sites like Twitter, Facebook, LinkedIn and MySpace.

Over 40% of companies don’t control access to any of these major social networking platforms – for those that do, productivity still represents the largest share of concern, but security concerns are on the rise.

“We’re seeing more incidents of unwanted adverts and malicious links being spammed out, particularly to Facebook users, from their friends’ compromised accounts. Although social networking sites are going some way to mitigate threats to users – activating pop-up windows to confirm if a user really wants to visit that external link for example – unfortunately it’s just not enough. Organisations need to incorporate defences into their IT security policy, and a key part of this is to educate individuals to choose strong passwords and to take good care of them to prevent cybercriminals taking over online accounts which could provide an entry point to the IT infrastructure.” – Graham Cluley, senior technology consultant at Sophos

Sophos summarizes their study with the top 5 tips to combat social networking perils in the business environment, which include:

• Educate your workforce about online risks
• Consider filtering access to certain social networking sites at specific times
• Check the information that your organisation and staff share online
• Review your Web 2.0 security settings regularly
• Ensure that you have a solution in place that can proactively scan all websites for malware, spam and phishing content

Read more here.

Also, beware of an increase in Swine Flu pill spam!

Sophos recently released a report on password security that indicates that only 19% of people use multiple passwords to access different websites (based on an online survey of 676 people). From the remainder, 33% use one password to access all websites and 48% use a few different passwords.

It is recommended that users assess their passwords for strength (read more about that here) and use different passwords to access different sensitive accounts. Doing so will help users protect their personal and corporate data. There are more advanced password strategies you can employ if you want an added measure of security – these can include the use of tools like PassSafe. Here’s a video that Sophos put together talking about password security:

Simple tips for better web password security from Sophos Labs on Vimeo.

As Sophos notes, password security should not be overlooked. Far too many people stick with dictionary words, or simple passwords such as “1234″. These passwords are easily guessed by hackers and can be used to exploit a computer network. For example, one Conficker-infected computer can be a risk to a whole network, with the worm using 200 common passwords to try to spread.

Sophos has published its Security Threat Report 2009 [PDF], which examines the threat landscape from the last 12 months and tries to predict emerging cybercrime trends for 2009.

As the third quarter Sophos report indicated earlier, the U.S. led the way in malware. More malware was hosted on U.S. websites (37%), and more spam is relayed from U.S. computers (17.5%), than any other country. When one U.S. company accused of collaborating with spammers and hackers disconnected from the Internet in November, 2008, spam went down by 75%.

“Not only is the USA relaying the most spam because too many of its computers have been compromised and are under the control of hackers, but it’s also carrying the most malicious webpages.” – Graham Cluley, senior technology consultant for Sophos

Graham goes on to say that U.S.-based computers are making a “disturbingly large contribution to the problems of viruses and spam” today. The report also indicated that most malicious code is now found on innocent websites, mainly because corporations have secured their email gateways to prevent attacks and spam (though one in every 714 email messages contains a malicious email attachment).

Highlights from the study:

• Biggest malware threats – SQL injection attacks against websites and the rise of scareware
• New web infections – 1 new infected webpage discovered every 4.5 seconds
• Malicious email attachments – 5x more at the end of 2008 than at the beginning
• Spam-related webpages – 1 new webpage discovered every 15 seconds
• New scareware websites – 5 identified every day
• Amount of business email that is spam – 97%

The report indicates that 2009 will see growing attacks on Mac computers and cross-platform software, as well as mobile devices such as the iPhone and Google Android. The report suspects that data leaking will be a larger concern in 2009, especially given the use of mobile technologies, from laptops to thumb drives to phones. As Sophos notes, the problems are not insurmountable:

“Sound security practices, up-to-date protection and an active commitment to keep informed can all help defend business networks in the year ahead.”

In other news, the Pentagon has banned the use of thumb drives because of a virus threat detected on defense networks. I was kind of hoping it was to prevent data breaches, but perhaps this will force the government to update their security policy to be more comprehensive of new data devices – be they thumb drives or iPhones.

The latest report from Sophos indicates that 8x more malicious email attachments were spammed in Q3 of 2008.

The quarterly report from Sophos looks at spam trends. For the July – September 2008 time span, the report indicates that there was a rise in the proportion of spam emails sent with malicious attachments, as well as an increase in social engineering techniques in spam messages.

The report indicates that 1 in every 416 email messages contained a dangerous attachment. This was an 8 fold increase compared to Q2. Most of the increase can be attributed to several large-scale malware attacks, including one with was disguised as an iPhone arcade game with a penguin character. Most of the attacks were still for Windows-based users, and the US led the way as the top country responsible for relaying spam across the globe.

In addition to malware sent via email attachments, malicious links were designed to prey upon user curiosity. This type of social engineering included “breaking news alerts”. Other new methods were explored, including spam using Facebook and Twitter.

Here is a video from Sophos about how one large social engineering campaign worked:

Also of high importance in the news right now is a report that security researchers have found a way to crack the Wi-Fi Protected Access (WPA) encryption standard that’s used to protect data on many wireless networks. This is worrying news, which you can read about more here.

image: microsoft clipart