Johannesburg, 27 Jan 2012
IT security and data protection company, Sophos, has unveiled its latest Security Threat Report, detailing the threat landscape from hacktivism and online threats, to mobile malware, cloud computing and social network security. IT security trends for the coming year are also highlighted.
A Sophos poll, conducted online at the end of 2011, surveyed more than 4 300 global respondents about today's biggest threats on the Internet.
Key findings from the research include:
* Sixty-one percent feel that the biggest threat on the Internet is users not doing enough to protect themselves.
* Nearly 20% believe social networking scams are the top threat.
* Sixty-seven percent think that malware is on the rise compared to 2010.
2011 was characterised by a rise in cyber crime. The availability of commercial tools designed by and for cyber criminals made mass generation of new malicious code campaigns and exploits trivial and scalable. The net result was significant growth in the volume of malware and infections. Cyber criminals also diversified their targets to include new platforms, as business use of mobile devices accelerated. Politically motivated “hacktivist” groups took the media spotlight, even as the more common threats to cyber security grew.
The consumerisation of IT, also called “bring your own device”, or BYOD, became one of the newer causes of data vulnerability. Employees accessed sensitive corporate information from their home computers, smartphones and tablets. Moreover, corporate-issued mobile devices increased risk, as did the rise of cloud services and the use of social media.
According to the Sophos online poll, which asked users if their company allows personal laptops, desktops or phones for work, nearly 50% of respondents said “yes”. Another 10%, who said their company doesn't allow personal devices for work, preferred they did.
Last year also saw cyber criminals launching attacks designed to penetrate digital defences and steal sensitive data. Almost no online portal proved immune from threat or harm. SophosLabs identifies an average of 30 000 newly-infected Web pages each day. More than 80% of these Web pages are on innocent Web servers, which have been hacked by cyber criminals to make them part of the problem.
Additionally, 85% of all malware, including viruses, worms, spyware, adware and Trojans, comes from the Web, according to the Ponemon Institute. Today, drive-by downloads have become the top Web threat, and in 2011, one crimeware kit, known as “Blackhole”, rose to the number one on that list.
Despite Microsoft's regular updates to patch Windows OS vulnerabilities, the content delivery systems remained the largest vulnerability on any OS. In 2011, the emergence of malware for the Mac upstaged Windows malware. While the Windows malware problem is much larger, the events of 2011 show Mac users that the malware threat is genuine.
There are many factors that will impact the IT security landscape this year and into the future. These include new attacks using social media platforms and integrated applications, more targeted attacks on non-Windows platforms and mobile payment technologies under threat, among others which are highlighted in the report.
“As cyber criminals expand their focus, organisations are challenged to keep their security capabilities from backsliding as they adopt new technologies. As users continue to access information in different ways, from different devices in different locations, security tools must be able to 'protect everywhere' - from desktops to mobile and smart devices and the cloud,” says Brett Myroff, CEO of Sophos distributor, NetXactics.
“More importantly and often disregarded is that cyber criminals will continue to stalk the easiest prey - security basics like patching and password management will remain a significant challenge.”
The full, ungated report is available for download from the sophos.com homepage (http://www.sophos.com/en-us/security-news-trends/reports/security-threat-report.aspx).
Share