2010 IT security threats point to priorities for 2011, says Sophos

Cyber threats of 2010 highlight the top risks to business for 2011, including social media sites, whistleblowers, and hacktivists, warns security firm Sophos.

Cyber threats of 2010 highlight the top risks to business for 2011, including social media sites, whistleblowers, and hacktivists, warns security firm Sophos.

The past year has seen some significant changes, that are not just part of a general escalation of threats, which Sophos believes businesses should note.

First, 2010 saw a substantial growth in cybercrime linked to social networking sites, according to security firm's latest security threat report.

Malware, phishing and spam on social networks all increased in the past year, with 40% of over 1,000 users polled by Sophos reporting malware incidents, up 90% from 2009.

Two thirds said they had been spammed through social networking sites, more than double the 2008 figure, and 43% reported phishing attacks, more than double the 2009 figure.

Half those polled said they had unrestricted access to social networks at work, but 59% believe employee behaviour on such sites could endanger corporate security, and 57% worry that colleagues are sharing too much information on these sites.

Most businesses have e-mail gateways well protected, but social networking is a chink in the armour that cybercriminals are looking to exploit, said Graham Cluley, senior technology consultant at Sophos.

"Employees will always find a way to access social networking sites, so businesses need to scan every link users click on to stop attacks where they are happening and protect corporate networks from infection," he said.

The report highlights the distributed denial-of-service (DDoS) attacks by supporters of Wikileaks and the discovery of the Stuxnet worm as key developments in 2010.

These exemplify the development of cybecrime from mischievous virus writing, through financially motivated crime, which is still the main threat, to political motivation, the report said.

The Wikileaks exposure of US diplomatic cables should prompt all business organisations to ask if such leaks could happen to them, said Cluley.

The trends towards politicisation of attacks and whistleblowing are likely to continue in 2011, he said, so businesses must ensure they have adequate control over their data to avoid embarrassing leaks, and be able to withstand DDoS attacks.

"Most security firms focus on external threats, but insider threats are just as important because employees have access to sensitive data that can be leaked either accidentally or for malicious purposes by disgruntled individuals," said Cluley.

The best approach is for businesses to reduce this risk, he said, by using data leakage prevention technologies and setting policies to require encryption of any sensitive information transferred to portable media.

At the very least, he said, businesses should review their policies on the collection, storage, access and transmission of sensitive data.

They should also review their ability to withstand DDoS attacks, as this increasingly becomes a standard form of protest, warned Cluley.

"Hacktivism, as we saw in support of Wikileaks, spells danger for any organisations connected with controversial groups or activities, as it becomes easy for protestors to join botnets to carry out DDoS attacks, or worse," he said.

Security on Websites should be another area of attention for businesses, said Cluley, as Sophos identified an average of 30,000 new malicious websites every day in 2010, and more than 70% of these were legitimate websites that had been hacked.

"This means business and website owners could be infecting their patrons unintentionally and without knowledge," he said.

Securing websites typically takes second place to adding new functionality, but failure to protect customers and their personal information could be costly in terms of reputational damage and loss of confidence in a brand, said Cluley.

These changes in the way the game works, he said, should help IT security representatives make the business case for investing the necessary time and money in 2011 to get their houses in order.

Sophos analysed about 95,000 pieces of malware a day in 2010, and that is only likely to increase in the coming year, he said.

But the good news, said Cluley, is that security protection is also getting better at protecting against unknown threats and was able to defend proactively against most threats encountered in the past year.

Read more on Hackers and cybercrime prevention

Data Center
Data Management