New Research: IT Pros Sound Off On 2010 Security Concerns


Research from the enterprise security experts at Webroot


With the explosion of social networking sites like Twitter and Facebook in 2009, it’s no surprise cybercriminals have set their sights on these Web sites for new victims. Facebook now has over 400 million active users and Twitter has over six million — a sizeable pool of potential targets.

These new threats are a cause of great concern for IT managers and businesses. Webroot recently surveyed over 800 IT professionals in the US, UK and Australia, at companies ranging from 100 to 500 people in size, to learn what their biggest concerns are for 2010. Eighty percent of those who responded anticipate Web 2.0-based malware threats will be among their biggest challenges, and 73% said these types of malware are much harder to manage than email-based threats.

Many IT admins reported they thought their organizations were sufficiently protected, but that wasn’t always the case: Significant numbers reported attacks from viruses (60%), spyware (57%), phishing attacks (47%), hacking attacks (35%), and SQL injections of their Web sites (32%). What’s more, because malicious hackers have a financial motive, individuals who possess sensitive business data are perfect targets. Increasingly, small and medium-sized businesses (SMBs) come under attack because they are less likely to have the multiple layers of protection that larger enterprises do.

Data breaches, when they happen, can be devastating to SMBs: According to the FBI, blended Web and email attacks led to approximately $100 million in attempted losses last year. SMBs can take precautions to make sure they aren’t a part of these staggering statistics. It is important to keep up with the latest threat vectors by using a security service with URL filtering, end user policy management and virus protection, and by making sure employees are educated on how to avoid threats in a growing landscape — especially when it comes to social media.

Webroot will address this topic in greater depth when our CTO Gerhard Eschelbeck delivers a Web security trend report at the RSA Conference 2010 Wednesday, March 3, at 4:30 p.m. PST in the Briefing Center on the Expo Hall floor. We’ll continue the conversation at Infosec Wednesday, April 28 at 3:20 p.m. GMT in Earls Court when Eschelbeck presents Securing the Internet for a Web 2.0 Collaborative Culture.


Internet Security Trends – A Look Back at 2009, A Look Ahead to 2010


By Gerhard Eschelbeck


It’s been a busy year in Internet security — cybercriminals were crafty and creative while we security vendors worked hard to stay a step ahead. Let’s take a look back at the biggest security trends of 2009, and at predictions for what’s ahead in 2010.

2009 – The Year in Review

Conficker. Targeted at enterprise networks but also crossing over to individuals who could bring it home on a USB stick, Conficker generated a lot of media discussion which drove confusion among consumers and concern among IT admins. Conficker renewed the public’s focus on Internet security, at a time when the threat landscape was growing more complex.

Consolidation. In 2009, we saw Symantec acquire MessageLabs, McAfee acquire MX Logic, Cisco acquire ScanSafe, M86 acquire Finjan, and Barracuda acquire Purewire. Many large vendors have track records of poorly integrating smaller companies after acquiring them for a key piece of technology. At the end of this year, we’re left asking, will true innovation now only be possible among the few independent vendors remaining?

Social Media. Concerned about productivity and infection, enterprises struggled with corporate usage policies of social networks — media that is now ubiquitous, and also integral to communicating with and understanding customers. Meanwhile, consumers adopted social networks en masse, providing cybercriminals with a huge target for harvesting personal data via Koobface and various spam campaigns.

The Cloud. While the definition of “cloud computing” and “in the cloud” held different meanings in 2009, enterprises continued to adopt security as a service for its easier, faster, more efficient and cost-effective distribution of security updates. Vendors extended their SaaS-based technology into their consumer solutions after proven success in the enterprise market — an exciting convergence of technologies.

Malware Trends. We saw a changing Internet user who is highly mobile, presenting a new set of attack vectors for malware authors. We also saw increasingly sophisticated malware — cybercriminals using email to distribute malicious Web links and manipulating SEO by programming malicious links near the top of search results for popular news stories — and an explosion of social engineering tactics employing fake security alerts and rogue AV products with new variants launched seemingly in real-time.

2010 — The Year Ahead

Threat Landscape. The malware attacks of today are different than in recent years. Hybrid malware, combining the use of Web and email to carry out sophisticated attacks, will become even more prevalent in 2010. Narrowly targeted malware, which requires the presence of specific applications or data to engage in malicious activity, will also be on the rise. Finally, the increasing “real-feel” of phishing sites and emails — as evidenced by a recent Verified by Visa scam — is keeping security vendors, IT directors and consumers on their toes.

Social Media. Attacks on social networks will continue to increase in volume and scope, targeting communities such as Facebook and Twitter as well as those we’ll see emerge in the coming year. Social networks present a very good ROI for cybercriminals using them as a platform for perpetrating URL-based attacks. This trend will intensify — through shortened links, user-generated content, videos, and so forth. Friend, Follower, Tweeter, beware.

The Cloud Grows. We predict cloud computing as the computing platform, such as the Amazon data center model, will be the next generation of the Internet. Computing will become like a utility, similar to how we use electricity today. We will pay for what we use; the PC will become the visualization tool we look into for applications in the cloud. More cloud computing platforms will become available as we capitalize on this economical, scalable model.

While this may seem like a daunting list of threats and predictions, the good news is, the security industry has never been stronger: The level of innovation, the raised awareness, the healthy competition among vendors — together make for an optimistic outlook. We at Webroot will continue to work hard to create effective technologies to make the Internet and the cloud a safe place for consumers and businesses alike.


Oh, Hush Chicken Little – The Sky is Not Falling: Why Cloud Security is Still Safe


By Brian Czarny


This week it was impossible to escape the “big news” that Twitter got hacked. The French hacker, known as “Hacker Croll,” who made headlines back in May for a similar Twitter breach, was at it again. This time he managed to get his hands on at least 310 sensitive Twitter business documents by gaining access to an employee’s email account, subsequently using information found in that account to then access the employee’s Google Apps account to steal the confidential company documents. The hacker sent the documents to TechCrunch, who then chose to publish them along with an account of the breach.

This highly publicized breach got people talking, and ignited a wave of speculation about two things: first, about the security of passwords and how easy it is to guess the answer to someone’s security question based on publicly available information found on social media sites; and second, about the security of data stored “in the cloud” – in this case, Google Apps.


Oh no, the sky is falling!

Our data isn’t safe in the cloud!

On the second point, let’s not take this too far. This incident has little to do with the security of the cloud apps themselves. It is much more about the first point and the security practices that users of all Web sites and applications – whether they are banking sites, social media sites or cloud applications – should be employing in their day-to-day use.

The key learning end users should take from this incident is that password security is critical, both in terms of the passwords you choose as well as the amount of data you expose publicly through social media sites like Twitter and Facebook.

Twitter spells this out on its blog response and even Hacker Croll himself articulates that his intention is to teach people a lesson about the security holes in secret questions:

“What I would like to say is that even the biggest and the strongest do silly things without realizing it and I hope that my action will help them to realize that nobody is safe on the net. If I did this it’s to educate those people who feel more secure than simple Internet novices. And security starts with simple things like secret questions because many people don’t realise the impact of these questions on their life if somebody is able to crack them.”


What Keeps IT Professionals Up at Night


By Brian Czarny


Webroot recently surveyed more than 300 email and Web security professionals about email management, compliance, archiving, encryption, spam, viruses, Web filtering and Web-based malware attacks.  Our research shows that security practices and risk perceptions have evolved over the last year – the top three security concerns are email threat protection, data security/confidentiality and Web threat protection.  Other highlights of the survey include:

  • Security professionals are clearly worried about insufficient resources for Web security – a potential result of the economic downturn.
  • The large number of organizations that were required to retrieve email for legal or compliance reasons within the last year indicates that email archiving services are becoming increasingly important.
  • Most companies experienced some type of negative impact due to Web-based threats over the last 12 months, ranging from server outages and disrupted business activities to compromised data or transactions.
  • 23% of survey respondents experienced a data breach – which cost between $10,000 and $1 million:

[Chart: Companies with a Data Breach]

Just two weeks ago, Heartland Payment Systems disclosed that intruders hacked into the computers it uses to process 100 million payment card transactions per month for 175,000 merchants in one of the largest breaches on record.  This past April, the Virginia Department of Health Professions learned that its Prescription Monitoring Program (PMP) computer system had been accessed by an unauthorized user – who then demanded $10 million to return over 8 million patient records and 35 million prescriptions.


As Web 2.0 explodes, does IT security implode?


By Jesse McCabe


Social media sparked a revolution in how we communicate. From best friends to business owners, more of us every day are using a social networking site to connect with people. Facebook welcomes 700,000 new members daily, and an estimated 4-5 million people are now reading tweets on Twitter.

And cybercriminals are having a field day exploiting the vulnerabilities social networks have exposed in our Internet security practices.

By and large, Internet security at the network level has recently consisted of on-premise URL filtering mechanisms used by organizations to enforce company Internet use policies and improve employee productivity. These solutions also offered protection by blocking access to sites classified as containing malware. For a while, this approach appeared to work.


Introducing the Threat Blog


By Andrew Brandt


Welcome, readers. I’m a member of the Threat Research team at Webroot, and I’ve been asked to contribute to Webroot’s new Threat Blog. I’d like to take a moment to introduce myself, tell you a little about what we do, and explain how we plan to use the blog to keep you informed.

Webroot’s threat experts are responsible for defining new malware, and variants of existing malware, that are being introduced every day. We spend the bulk of our time, to summarize in a massively oversimplified manner, breaking PCs by infecting them with Trojan Horse applications, virii, worms, rootkits, password stealers, and other malicious and undesirable software, then figuring out how to fix them again. We infect our PCs, over and over and over again, so you don’t have to; then we make sure Webroot’s products will protect against or remove the infections.

As you can imagine, our perspective on the front lines of Internet security gives us significant insight into the workings of these unwelcome software pests. And we’re now seeing an unprecedented volume of infected PCs and networks, and greater sophistication employed by those doing the infecting. We were compelled to create a vehicle to share that insight with the rest of the world.

My role is to serve as an information conduit between our malware, spam, and Web security experts and you, the reader. I and others will post details about the most dangerous and difficult security threats we encounter, and how to avoid them. We’ll also be sharing trending data we collect about spyware, computer viruses and other infections, and the origins of the infectious agents that propagate them. Our goal is to provide useful information that will, hopefully, help you protect yourselves from what seem — to us, anyway — like wave after wave of increasingly hostile, damaging, and obnoxious malware.

So, thanks for stopping by. We look forward to chronicling the threat landscape for you. Please add us to your RSS feed using the link that looks like a little billboard at the top of the page. And feel free to let us know what you think by sending your comments, questions, or requests to the address on the right side of the page.