Sophos identified 5 major IT security threats for 2009. How accurate was the company’s 2009 Security Threat Report? Which security threats put your organization most at risk?
In its 2009 Security Threat Report, Sophos highlighted the biggest security breaches of 2008 and forecasted the most important security threats for 2009. According to the report, the largest security violations of 2008 were:
· web threats (exploitation of legitimate websites, SQL injection attacks)
· email (with malicious attachments or web links)
· malware (spyware, adware, fake antivirus software)
· spam (typically from compromised computers acting as botnets)
· Apple malware (including two Trojans aimed specifically at Mac OS X)
· mobile phones and Wi-Fi devices (including malware targeting the Apple iPhone and T-Mobile’s G1, running Google Android)
· data leakage (resulting mostly from lack of data encryption, but also from practices such as recycling hardware)
· state-sponsored cybercrime (the most publicized being Russia’s and Georgia’s attacks on each other’s government websites)
Based on the top threats of 2008, Sophos predicted that the biggest security threats of 2009 would be data leakage, compromised PCs, web insecurity, malicious emails, and identity theft. How serious were these threats in your organization last year? What security threats are you facing in 2010?
· Sophos predicted that data leakage would become an ever-larger concern in 2009, especially with the increasing use of mobile technologies. Many countries have already introduced strict disclosure laws, or will soon do so; these laws are aimed at stopping companies from brushing security breaches under the carpet. Even a very restricted data breach, once disclosed, can affect overall trust in an organization’s products and services.
· According to Sophos, compromised PCs, both at home and at work, would continue to remain the primary source of spam in 2009. With many botnets now adopting a decentralized, P2P-style of operation, quick wins such as the success of taking down the botnet command-and-control centers hosted by provider McColo are becoming harder to achieve.
· Sophos forecasted that the primary avenue for distributing web-borne malware in 2009 would continue to be web insecurity—most notably, weakness against automated remote attacks such as SQL injections. Cybercriminals can send innocent-looking spam that links to legitimate, but hacked, web pages; these hacked sites link invisibly to malicious content.
· Sophos predicted that in 2009, malicious emails would include an increasing proportion of attachments or web links to nonprogram (non-EXE) files that appear to be legitimate data files (e.g., Word DOCs, PDFs) but contain exploits against software vulnerabilities. Viewing these files, which is harmless on a patched computer, can lead to an invisible disaster on an unpatched one.
· According to Sophos, identity theft would continue to adversely affect customer loyalty in 2009. The report urged companies to assure their customers that proper and thorough security measures are being taken, to minimize the risk of a breach.
We’d love to hear about the biggest security threats facing your organization, whether past problems that you’ve now remedied, current threats that you’re still battling, or risks you foresee in the future. Feel free to leave comments here, or email me directly at [email protected].
