Enterprise data under attack

The theft of enterprise data is a trend that is growing alarmingly, according to Nigel Hawthorne, VP of EMEA marketing at Blue Coat Systems.

“We are seeing far more targeted attacks on enterprises, with customers' data being sold on to competitors. It is easy to steal info these days - employees don't need to walk out with reams of paper; information can easily be hidden on a flash drive or smartphone.

Hawthorne cites T-Mobile as an example. “Staff at T-Mobile passed on millions of records from thousands of customers to third-party brokers, resulting in the firm being placed under investigation.” He says this can be stopped by encrypting hard discs and enforcing rules on USB drives.

Unfortunately, he says, people don't understand the value of data, and need to realise that any information of value must be kept within the organisation. “If your competitors can find out who your customers are, that's a real danger.”

Hawthorne adds that business has moved online, as more and more organisations are adopting Web-based applications. “In addition, users are increasingly bringing consumertechnologies into the workplace, generating more security risks all the time.”

Another security trend to watch out for, he says, is search engine poisoning, where cyber criminals try to get illegitimate or infected sites to appear as one of the top results in a search engine's list.

“Criminals take advantage of search engine algorithms to position hacked sites further up in the results. This is a simple means of driving users to malware, particularly of the variety that offers fake anti-virus scanners and suchlike,” he says.

Hawthorne mentions the recent Haiti disaster as an example, where many bogus sites appeared, conning people into believing they were making a donation to help the stricken country.

“Unfortunately, search engines are the point of access to the Internet for almost everyone who accesses it, and as such a certain amount of faith is put in both the safety and the relevance of the search results obtained.”

“The user is always the weakest link,” says Hawthorne. “In the past, careless users have been a security risk. However, these days, the Internet allows you to target very specific users.

“Human behaviour can be exploited on a whole new level now, through social engineering, and using the trust model that is the basis of Web 2.0 applications. Through social networking sites such as Facebook or Twitter, users build relationships with other users online and develop relationships of trust.”

In this way, he explains, cyber crooks can steal information such as login details, by preying on the unsuspecting. Hawthorne says the combination of these types of attacks with search engine poisoning poses a potent threat, and is something to be watched closely in 2010.

According to Hawthorne, the only effective way to combat the various attack methods is a defence that can respond in real-time. This cannot be done with only a client or on-premise defence, and needs to be boosted with cloud-based technologies.

“Many attacks only exist for a couple of hours. Cyber criminals move quickly, exploiting vulnerabilities for the brief time they exist, then moving on to the next one.”

As such, Hawthorne recommends a hybrid security solution that uses the cloud and works in conjunction with security Web gateways installed at the network's edge, to provide better protection for they type of malware attacks seen today. “Importantly, cloud technologies can be used to protect remote users, who are not office-bound.”