|
|||||||||||||||||||||||||
|
|||||||||||||||||||||||||
|
ScanSafe Predicts Web 2.0 Exploits and Roaming Workers Will Top Security Threats in 2008December 11, 2007; 05:34 AM LONDON & SAN MATEO, Calif.--ScanSafe, the pioneer and leading provider of Web Security-as-a-Service, today issued its 2008 security threat predictions. Topping the list—a continued growth in malware hidden on Web 2.0 sites and heightened security risks related to the growing number of remote and roaming workers. The full list of predictions includes: 1. Cyber Criminals Follow the Money: Web 2.0 Will Continue to Fuel High Profile Attacks 2. Remote and Roaming Security Becomes a Mounting Pain Point for Businesses 3. Continued Pressure to End Public Disclosure of “WhoIs” Information 4. Growing Underground Market for Warehousing and Selling of Stolen Database Information 5. Storm Worm Hangover Continues Well Into 2008 “Cybercrime is estimated to be a 100 billion dollar-a-year industry,” said Mary Landesman, senior security researcher. “According to the SANS Institute, the average lifetime of an unprotected PC on the Internet is 30 minutes before over 55 percent of them are infected with some form of spyware. With odds such as this, users and corporations alike must be vigilant. The 2008 threat landscape further highlights the need for improved user education and awareness. At the same time, solutions need to find a balance between security and usability, making it as easy as possible for people to integrate security into their everyday business and consumer communication habits.” ScanSafe scans more than 7 billion Web requests and blocks more than 70 million Web-based threats each month, representing the largest analysis of Web security threats based on real-world traffic. 1. Web 2.0 Will Continue to Fuel High Profile Attacks The explosion in popularity of Web 2.0 applications has made Web 2.0 sites an increasingly rich target for cyber criminals. MySpace alone boasts more than 200 million users. Web 2.0 applications will remain a key source of Web-based malware in 2008 and beyond. Examples include:
2. Remote and Roaming Security a Mounting Pain Point for Businesses The workforce has expanded well beyond the four walls of the office. According to research from WorldatWork, 45 million Americans work from various locations outside the office including home, hotels, airports, cars and other hotspots. As more employees are required to work remotely, and as many companies offer telecommuting as a job perk, it has become increasingly challenging for IT administrators to enforce policies for appropriate use of corporate resources—including use of the Internet on corporate-issued laptops. While employees enjoy the benefits of being un-tethered from the office, IT departments are left to address the unique security challenges that the roaming worker and an increasingly elastic network perimeter present, and that are beyond the scope of a VPN tunnel. 3. Continued Pressure to End Public “WhoIs” Information Expect the heated debate over whether or not to continue to make “WhoIs” database information—the information that ties an Internet domain name (www.mywebsite.com) to the owner of the site—public to continue in 2008. Privacy advocates and others are urging ICANN, the international body that overseas domain names, to end the ability for anyone to do a “WhoIs” lookup, arguing it infringes on website owners’ privacy. Current methods provide a means for legitimate users to suppress public display of their private information. The real beneficiaries of the removal of “WhoIs” will be the attackers themselves. As criminal profits continue to soar on the Internet, these same entities will likely actively lobby for and pursue changes that create an Internet environment even more conducive to carrying out online crime. 4. Growing Underground Market for Warehousing and Selling of Stolen Database Information In 2007, data theft hit new records. Discount retailer T.J. Maxx, parent of T.K. Maxx, reported data theft involving 45.7 million credit and debit cards. In late November, the British Government announced that the complete personal data of 25 million individuals had been inadvertently lost—the largest data loss in the country’s history. Given the frequency of such large scale data vulnerabilities, expect to see a growing underground market for confidential personal information. ScanSafe predicts an increase in the selling and servicing of stolen contact databases, mimicking what is seen in “legitimate” data warehousing. 5. “Storm Worm” Hangover Continues Well Into 2008 The Storm Worm dominated the security landscape in 2007 and its effects will continue to be felt in 2008. However, there have been several misconceptions about Storm. Contrary to popular belief, the Storm family of threats evolved in 2006. In January 2007, one of the variants was spread in an email bearing the subject line “230 dead as storm batters Europe.” This email coincided with a very real and deadly storm in Europe, earning its nickname “Storm worm.” The real take-away from Storm is that it is a well thought out, extremely organized series of attacks that have led to the creation of one of the largest botnets, estimated to be well over 1.5 million infected machines at any given time. Expect this botnet to be leveraged by cyber criminals in 2008 and beyond. For continued discussion of 2008 security predictions as well as the latest information on Web-based threats, please visit the ScanSafe STAT blog at http://blog.scansafe.com/. About ScanSafe ScanSafe is the largest global provider of Web Security-as-a-Service, ensuring a safe and productive Internet environment for businesses. ScanSafe solutions keep viruses and spyware off corporate networks and allow businesses to control and secure the use of the Web and instant messaging. As a fully managed service, ScanSafe's solutions require no hardware, upfront capital costs or maintenance and provide unparalleled real-time threat protection. Powered by its proactive, multilayered Outbreak IntelligenceTM threat detection technology, ScanSafe scans more than 7 billion Web requests and blocks 70 million threats each month for customers in over 50 countries. With offices in London and San Mateo, California, ScanSafe is privately owned and financed by Benchmark Capital and Scale Venture Partners. The company received a 2007 CODiE award for Best Software as a Service Solution, the SC Magazine Europe Readers Trust Award for Best Content Security Solution and was named one of Red Herring Magazine’s 2007 Top 100 Global tech companies. For more information, visit www.scansafe.com.
|
|
Copyright © 1998 - 2018 DevStart, Inc. All Rights Reserved |