Top 10 security stories of 2009

1. Government data security hobbled by cost dispute

Whitehall has failed to roll out compulsory security safeguards two years after HM Revenue & Customs lost CDs containing highly sensitive details of 25 million people.

2. Expect more phishing attacks on corporate bank accounts in 2010

Corporate bank accounts are under attack from cybercriminals who are using targeted phishing e-mails to steal funds. The threat is likely to be one of the biggest trends in 2010, according to the Anti-Phishing Working Group (APWG).

3. First ever iPhone worm Ikee unleashed by Aussie hacker

The first worm targeting Apple's iPhone has been unleashed by an Australian hacker. But the Ikee worm can infect only iPhones that have been modified or "jailbroken" to run unauthorised software and does not do anything malicious.

4. FBI database holds records on 1.5 billion people

More than 1.5 billion government and private sector records about US citizens and foreigners are stored in an FBI database, declassified documents have revealed. The database is kept at the FBI's National Security Branch Analysis Center (NSAC) near Washington, according to the documents acquired under a freedom of information request.

5. Over a third of Wall Street and Canary Wharf workers are stealing sensitive data

Forty-one per cent of finance sector workers have taken sensitive data to new jobs, according to a study of 600 workers in Wall Street and Canary Wharf.

6. Firms lower security despite cost of breaches

UK medium to large companies each lost an average of £16,000 through security breaches and yet nearly two-thirds have cut or frozen IT security budgets, research has revealed.

7. Cloud could improve data security

Security is widely seen as an inhibitor to enterprise adoption of cloud computing, but could it be a chance to achieve better security?

8. Twitter and Facebook victims of a massively co-ordinated attack

Twitter was downed by a DoS attack and took nearly three hours to restore services after it experienced connectivity problems. Twitter and other companies, including Facebook, were victims of "a single, massively co-ordinated attack", according to a blog post by Twitter co-founder Biz Stone.

9. Smart Trojans used to ransack bank accounts

Cybercriminals are using smart Trojans to steal huge sums of money from online bank accounts without being detected, security firm Finjan revealed. A recent series of thefts indicates the cybercriminals are using increasingly sophisticated techniques to ransack bank accounts.

10. Anti-virus software fails to protect

Anti-virus software is not good enough to protect organisations from cybercriminals. Common anti-virus products are detecting only between 75% and 95% of malware, Felix Freiling, a professor at the University of Mannheim, told the ISSE 2009 security conference in The Hague.
