What's
on the Threat Landscape?
Find out what's happening in today's security threat landscape
and what measures you can take to protect your business from these
threats.
The tenth volume of the Symantec Internet Security Threat Report was released in September 2006 and discusses the threat environment from January 1 to June 30, 2006. Each Report provides a comprehensive view of the Internet threat environment for a six month period, and is a culmination of analysis based on data collected by 1,600 dedicated security analysts around the world. Learning about the threat landscape is important, because it arms you with the knowledge you need to protect your business.
The Threat Landscape
According to the Report, the threat landscape has shifted from
widespread and unfocused Internet worms to targeted attacks aimed at
specific companies, with the intent of gathering confidential data
for the purpose of fraud and criminal activity. The Report also
revealed that cybercriminals tended to focus on targeting
client-side applications in the first six months of 2006. Here are
some additional Report findings:
Top targeted sectors
The Threat Report breaks down targeted attacks by sector, monitoring
a total of ten separate sectors. According to the latest Report, the
small business sector was the ninth most targeted sector between
January 1 and June 30, 2006. In the six months prior to that period,
the small business sector was the fourth most targeted sector. This
positive change may be a reflection of increased security measures,
and continued progress in security technology implementation by
small businesses may help this sector maintain its more secure
status.
Browser attacks
Microsoft Internet Explorer, the most widely deployed browser
worldwide, was also the most frequently targeted Web browser,
accounting for 47% of all Web browser attacks.
Bot networks
A bot network is comprised of a group of bot-controlled systems,
programs that hackers install on systems without the knowledge of
users. Once hackers are able to gain remote control of computers,
they use this access to generate large-scale attacks. According to
the latest Report, the U.S. had 42% of bot command-and-control
computers, the highest worldwide.
Worms dominate
In the first six months of 2006, worms continued to dominate the top
50 malicious code reports. They made up 38 of the top 50 unique
malicious code samples, accounting for 75% of the volume of top 50
malicious code reports between January 1 and June 30, 2006. This is
an increase of over 60% in the previous period and 24% in the first
half of 2005.
Exposed information
Threats that expose confidential information pose a risk to
small businesses. Confidential files and documents, proprietary
information, intellectual property, and customer account information
are all at risk of theft. The latest Report shows an increase of ten
more malicious code samples that exposed confidential user
information from the previous six month period, bringing the total
to 30.
Recommendations
The Report indicates some key practices for small businesses to
follow to remain protected against today's threats. These include:
- Update virus definitions: Keep virus definitions updated regularly. By deploying the latest virus definitions, you can protect your computers against the latest viruses known to be spreading "in the wild."
- Stay on top of patches: Ensure that security patches are up-to-date and that they are applied to all vulnerable applications in a timely manner.
- Layer security: Employ multiple, overlapping, and mutually supportive security solutions to guard against single-point failures in any specific technology or protection method. This should include the deployment of regularly updated antivirus, firewalls, intrusion detection, and intrusion protection systems on client systems. It is more important than ever before for individual machines to have antivirus protection. With the increased use of laptops and computing devices that connect to company firewalls, these devices can potentially infect all other machines since they are now inside the firewall.
- Be educated and aware: You and your employees are the first line of defense, so be aware of your role in security. First, make sure to use passwords that are a mix of letters and numbers and change them often. Second, never open an attachment in an email unless it comes from a trusted source, and never execute software that is downloaded from the Internet unless it has been scanned for viruses. You should also use caution when browsing the Internet, including scrutinizing all end-user license agreements (EULAs) before clicking the "I accept" button.
Conclusion
The latest Symantec Internet Security Threat Report found that
attackers have begun to adopt new techniques, resulting in more
targeted malicious code and targeted attacks aimed at client-side
applications such as Web browsers, email clients, and other
applications. If your business relies on these applications to
conduct business, it cannot afford to run the risk of an attack. The
Report outlines the threats you need to know about, as well as best
practices you can follow to address the risks.
IT Solutions' SharedVision managed services plans offer you full, proactive protection against the latest security threats without the hassles of unpredictable hourly bills. To learn more visit www.itsolutions-inc.com/sharedvision, or call us at 866-PICK-ITS to schedule a free consultation.