Greater access to the Internet and subsequent explosion in popularity of virtual social networks is fuelling the need for proactive IT security, writes Christo van Staden, director at Carrick Holdings. Global vendors of IT security services and technology state highlight the proliferation of Internet-based services and related product as a factor behind a surge in worldwide threats.
There is no doubting the positive implications of an increase in access to online facilities, improved broadband and connectivity in remote areas, and focused attention on basic ICT literacy.
More people are being introduced to the wonders of the World Wide Web and technology suppliers are stepping up efforts to meet the increasing demand for digital lifestyle product. But whilst digital interaction is being promoted on unprecedented levels, the risk of IT security breaches and attacks is also on the rise.
Consider the introduction of websites that promote digital interactivity, more specifically those that encourage people to post details of themselves online. This has a ripple effect as more people latch on to what is an interesting, captivating online social experience.
The chat room concept has evolved into a virtual community of users that are able to solicit details about one another instantly and with little concern over the often minimal security measures put in place to regulate the environment. Users often neglect to consider that once the information is out in the virtual domain, it can be technically accessed by anyone.
The reality is that more people are using technology as a primary means of communication – and the more components and peripheral gadgets that can be connected to the Internet, the better. These can often provide the ideal framework for vulnerability exposure and the opportunity for attackers to manipulate backdoor entrances established through malicious code attacks.
According to the Symantec Internet Security Threat Report (based on trends scrutinised between July and December 2006), the modus operandi of attackers has shifted. The chief motivation for modern attackers is data theft for financial gain, and the method of attack is based on the exploitation of so-called ‘medium severity vulnerabilities’ in third party applications.
The underlying strategy that defines today’s cyber criminal activity is the formation of networks to support converged, co-ordinated attacks. Consolidation is undeniably a key characteristic.
In its study Symantec documented 2 526 vulnerabilities in the second half of 2006, 12% higher than the first half of the year. The company classified four percent of all vulnerabilities disclosed during this period as high severity, 69% were catagorised as medium severity and 27% were low severity.
Furthermore, of the top ten new malicious code families detected in the last six months of 2006, five were Trojans, four were worms and one was a virus.
The report also mentions the fact that Trojans accounted for 60% of the top 50 malicious code samples when measured by potential infections. Threats to confidential information made up 66% of the top 50 malicious code reported to Symantec.
One of the more alarming trends picked up by the Symantec Probe Network was the detection of 166, 248 unique Phishing messages. This represents a six percent increase over the first six months of 2006. As mentioned in the report, this equates to an average of 904 unique Phishing messages per day for the second half of 2006.
If one reflects on these trends, it is clear that companies must pay more attention to how they regulate Internet usage, what security measures need to be in place to curb the abuse of the resource through intent and/or ignorance.
Security awareness training is now considered vitally important to ensure that users are not caught unawares. Phishing attacks, especially, probe for a human response or reaction and a person with no training or basic security knowledge will easily fall victim. These attacks on based on the principles of social engineering.
By the same token individuals need to realise that digital interaction and participation in websites, in many cases, is harmless and fun. But there is always a way for attackers to manipulate the situation and its best to be alert and aware.