Lavasoft News - April 2007

Malware's Heavy Toll on Business

Businesses are increasingly being targeted in cyber-thieves' stealthy attacks, with the toll running the gamut from lost productivity to heavy financial burdens.

According to the United States Federal Bureau of Investigation's Computer Crime Survey, released in 2006, approximately 79 percent of all enterprise PCs in the U.S. are infected with some form of spyware at any given time.

All signs indicate that the problem will continue to escalate unless businesses practice better preventative security measures. Reports from Gartner predict that by 2008, 40 percent of organizations will be targeted by "financially-motivated cybercrime."

"The education for companies about cyber security and the types of threats out there are not being communicated effectively to executives and employees," said Ken Hamilton, president of Total Tech LLC, a technology consulting firm that helps companies use technology to secure and improve their businesses, in a Daily Transcript article.

"They do not understand what a negative impact that threat can have on the company and its employees in terms of placing assets at risk, including intellectual property, competitive information, employees' personal files and customer information."

Compromised data can result in serious repercussions for businesses, but the financial costs of attacks are just as staggering.

Large American organisations are losing an average of 2.2 percent of their annual revenue, which amounts to more than $30 million U.S., to security attacks, according to an Infonetics report on the cost of network security attacks.

Big business is not alone in feeling the heavy toll of security attacks. Small and medium-sized organizations lose about half a percent of their annual revenue to network downtime brought on by security attacks, which runs up to hundreds of thousands of U.S. dollars.

The types of security risks vary depending on the size of the business. Large organizations face denial of service attacks and server malware, while medium-sized companies are hit mostly with client malware. Small businesses are affected across the board by all three types of attacks, Infonetics reported.

And the attacks on business are so pervasive due to the varied types of threats out there.

"The entire IT infrastructure is vulnerable. The network only enables the hacker by providing the avenue of attack. Web applications are vulnerable to business process hacking. Credit agencies, export-import and financial transaction sites have all been hit by attackers who purchase limited access and then abuse the underlying business logic to steal more information than they paid for. Employees are vulnerable to social engineering attacks and bribery that could lead to stolen IP and personal data," Richard Stiennon, CMO of Fortinet, said in an interview with Moneycontrol.com.

While most organizations are working at beefing up security in this age of malware, many remain complacent. Stiennon said most of the remedial steps are taken only after a company has actually suffered an attack.

Businesses, like home users, need to be proactive in having tough security measures in place before attacks occur. Virus scanning for e-mail, protecting wireless networks with encryption, having clear policies in place for employee web use, as well as having top-notch anti-spyware software, are all critical.

Home   arrow

 
Free Registry Booster Scan from Uniblue. The scan will remove a limited number of errors on your PC. To remove all errors, Registry Booster can be purchased for $29.95 (get System Tweaker as a bonus).
Net Stats
The world generated 161 billion gigabytes of data in 2006, according to a new study by technology research firm IDC. That is 3 million times the information in all the books EVER written. Or picture this - 12 stacks of books that each reach from the Earth to the sun. That is a good chunk of photos, videos, e-mail, web pages, instant messages, phone calls, and other digital data.
Source: IDC, AP
Polymorphism
Term of the Month
Polymorphism is a term often used today to describe 'morphing' malware. The spyware application uses a rudimentary form of polymorphism to randomize files, names and registry keys so each infected PC contains a slightly different version of the program. Read the 'computer science' definition of polymorphism at Wikipedia.
Tech Tips
If you cannot save attached files to your PC, your e-mail client may be configured to stop you from opening file attachments of a certain size or type. This is set for security reasons. If you are using Outlook Express, open the Tools menu and select Options. Click the Security tab, deselect the Do Not Allow Attachments To Be Saved Or Opened That Could Potentially Be A Virus option, and click OK. Be sure to scan the saved file for malware before opening it!
Ballot Box Poll Results
Here are the results from our latest Lavasoft.com Ballot Box poll:
How well do you read EULA's (End User License Agreements)?
I read in detail :789
I scan the text :2593
I accept without reading :5772
Go to Lavasoft.com and take our latest poll: Do you know what pharming is?
Helpful Homepage
There are countless rogue/suspect anti-spyware products and websites out there trying to fool PC users today. Lavasoft News found a great webpage listing a good number of these, including screenshots. Educate yourself at Spyware Warrior!
Lavasoft AB
Lilla Bommen 1
411 04 Gothenburg
Sweden

www.lavasoft.com
editor@lavasoft.com
Page footer
http://www.lavasoft.com http://www.lavasoft.com