Beating the plague of the PC

According to a Cisco-sponsored survey, IT organisations are feeling more positive about Internet security. In fact, 72% of UK respondents feel their companies are more secure than they were 12 months ago. It was revealed, however, that 11% of CIOs and IT directors take a "reactive only" approach, as opposed to taking preventative measures prior to attack.

Regarding educating staff on security issues, 92% of respondents have acceptable usage policies, 85% have e-mail usage policies, 81% have password policies, and 59% train staff on the need for regular backups.

This trend has not taken hold locally however, as local research recently indicated. Perhaps education locally should be more highly prioritised, considering the outcomes of surveys conducted in the run-up to the Infosecurity Europe show.

Eighty-one percent of people quizzed at London`s Victoria station were more than ready to part with all their personal details for a small chance of winning an Easter egg bonanza.

The survey was based on social engineering tactics and got people to inadvertently give away sensitive information, such as date of birth, address and mother`s maiden name - all information commonly used to protect bank account details.

72% of UK companies are more secure than they were 12 months ago.

Ilva Pieterse, ITWeb contributor

It should be noted, however, that in a similar survey conducted last year, 92% of those approached gave away information. I wonder how the South African public would fare.

Ever considered the value placed on personal information? A Times report says $5 is given for details with security code numbers, and if a valid PIN code is thrown in, these can fetch as much as $175 a pop.

So what are the signs to look out for malware infection? It`s not very easy, as a recent McAfee published survey reports. The use of stealth technology (which makes infection almost imperceptible to the user) has gone up 600% in the last three years, the report says.

Is open source to blame for this dramatic increase? McAfee seems to think so: "The open source environment, along with online collaboration sites and blogs are largely to blame for the increased proliferation and complexity of rootkits," McAfee says.

It is not only malware that`s becoming more sophisticated - phishing is hot on its heels.

Although the volume of phishing attacks hasn`t really grown in recent months, bad guys are finding ways to hit targets more effectively. This is according to Paul Wood, senior analyst for New York-based MessageLabs.

Phishing attacks accounted for 14.5% of all malicious e-mails intercepted in a month, and one in 309 e-mails was a phishing attack, MessageLabs explains. That may not seem like a lot, Wood said, but beyond the raw numbers are other indicators of a threat that`s worsening.

Though it`s becoming easier to identify phishing e-mails because of public awareness, attackers are finding other ways to fool the public. They are no longer using spoof sites connected to the banking sector alone, but are making use of electronic greeting cards (or e-cards) to get an unsuspecting user to click though to a spoof Web site.

Financial services continue to be the most targeted industry, suffering 92% of all phishing attacks in January.

An interesting new trend detailed in a report by anti-virus firm Kaspersky Labs, is that of hackers directly blackmailing users. Incidents of this have risen dramatically in the first three months of this year.

Kaspersky cites cases where virus writers have either encrypted data or corrupted system information before demanding a ransom for safe return of data to victims. The quantities demanded vary between $50 and $2 500.

Statistics from security firm Sophos show China (including Hong Kong) is closing in on the US as the top spam relaying country. Stats taken from the first three months of 2006 show the US stands at 23.1% of the spam relaying total, and China accounts for 21.9%. Other countries are far behind, as indicated by the list below:

1. US (23.1%)
2. China (incl Hong Kong) (21.9%)
3. South Korea (9.8%)
4. France (4.3%)
5. Poland (3.8%)
6. Spain (3.3%)
7. Germany (3.0%)
8. Brazil (2.9%)
9. Japan (2.0%)
10. UK (1.9%)
11. Netherlands (1.8%)
12. Taiwan (1.6%)

Sources used: The Register, SearchSecurity, thawte