Enterprises are more likely to be vulnerable to sophisticated
cybercrimal attacks than they believe, says consultancy firm
KPMG.
A quarter of organisations polled in the
e-Crime Congress and KPMG e-Crime Survey 2009 said they did not
know or had no way of measuring increases in the technical
sophistication of attacks.
But the e-Crime Survey report says some organisations may be
more vulnerable to attacks than they realise, with 44% reporting
that attacks are growing in sophistication.
Organisations said targeted attacks were among their biggest
concerns because they becoming increasingly difficult to detect.
Some 37% of respondents reported an increase in this type of
attack.
Technology is not keeping up, Malcolm Marshall, partner at KPMG
told the e-Crime Congress 2009 in London.
"We have seen targeted attacks succeed against a sophisticated
user like a CIO using information from family members' profiles on
social networking sites," Malcolm Marshall said.
The survey revealed 62% of organistions do not believe their
business dedicates enough resources to locating
vulnerabilities.
Half of IT respondents said their organisations are not
sufficiently protected against malware and 79% of all those
surveyed said signature-based detection methods do not provide
enough protection.
Many organisations relying on the internet for the way they
conduct business are still not getting the basics right, such as
regular security updates for all applications, said Marshall.
"The most successful attacks exploit basic errors. We need to
get the basis right, educate users and improve defences and find
new business models, or face a meltdown in e-business," he
said.