Follow on Google News News By Tag * Virus * Malware * Social Networking * Identity Theft * Trojan * Data Theft * Website * Organised Crime * More Tags... Industry News News By Location Country(s) Industry News
Follow on Google News | Businesses Underestimating the Threat of Web-based AttacksMalware is becoming more subtle and used by criminals in blended attacks for stealing data. However, many businesses do not realise the threat has changed, according to a new survey
As well as the increase in volume, malware is becoming harder to detect and more subtle in its functionality, and the methods by which it is distributed are also causing concern. Websites are now the most popular attack vector and the objective is data theft, be it employee or customer data or intellectual property. Legitimate sites are being used to distribute malicious code, snaring unwary visitors into downloading viruses and giving away information. In addition we are witnessing more and more attacks that use Facebook and Twitter as a vector. Business publication Computing, in association with software vendor Symantec, surveyed 150 business decision makers in order to understand their view and experiences of web attacks. The survey also asked how organisations protect their data, their brand and their customers from phishing attacks or hacks of their corporate website. A massive 79% of the survey respondents reported that their systems have been infected with malware. 41% reported phishing attacks with 32% suffering other forms of “social engineering” The survey revealed that at least one in ten businesses websites have been compromised in one way or another. Imagine a high street in which one in ten shops has been broken into, with the thieves stealing customer information, credit card details, names, addresses, dates of birth and so on and you start to appreciate the scale of the problem. For these firms their shop window has become an open door. A further 12% did not know whether they had been compromised or not, or were not prepared to say. So, how did these businesses discover their website had been compromised? Computing asked what systems respondents had in place to alert them in the event of a website compromise 34% of respondents have their website scanned regularly (usually daily) as part of the service provided by either the certificate authority (CA) or web security vendor. However, in excess of 35% of respondents have no formal system in place and 27% rely on scheduled penetration testing. Penetration testing (often put in place for compliance requirements) The survey illuminates a remarkable blind spot. While the threat of malicious code being spread by websites was listed as the number one concern, very few of the respondents saw their own website as being at risk of becoming vector for malware – music to the ears of the virus writer! Read the full report: http://www.ithound.com/ # # # Incisive Media is one of the world's leading B2B information providers, serving the financial and professional services markets globally. End
Account Email Address Disclaimer Report Abuse Page Updated Last on: May 18, 2011
|
|