08 May 2006

Criminal Intent: Digital Surveillance Dominates Q1...

Seventy percent of malware detected during the first quarter of 2006 was related to cyber crime and, more specifically, to generating financial returns. This is one of the conclusions of the newly published PandaLabs report, which offers a global view of malware activity over the first three months of the year. The report also offers a day-by-day analysis of the most important events in this area. It can be downloaded from Panda.


This report confirms the trend of criminal intent among developers of malicious code: stealing information for financial gain. Most successful are the bots and spyware that live silently on your corporate executive's laptop after a week away traveling. Because "Free WiFi" is commonly used in many hotels and other travel zones, the laptop becomes vulnerable to infection. And when that laptop is reconnected to the docking station back at HQ, the real threat begins.

Digital surveillance using malicious code is not new. The art is now a science. Ask any 19- or 20-year-old in the Engineering or Computer Science Department at a major university. The use of spam and other techniques for spreading malicious code makes it imperative that your detection and defense strategies are sound and operating on a daily, if not hourly, basis. Organizations are under a barrage of attacks that are random and sophisticated, deployed with a multifaceted approach to achieve the intended exploit. These new blended threats combine a salvo of virus and worm technology into a smart yet elusive attack vehicle.

According to FBI studies, more attacks are propagated and launched internally than externally. Companies are deploying internal intrusion detection systems that place monitors or agents on multiple department segments, and e-mail anti-virus systems that prevent viruses from moving.


Many organizations are exploring new devices that IDC has termed Unified Threat Management (UTM) appliances. Effective UTM requires:

* Low total cost of ownership. Total system costs must be less than the expected loss if there are security breaches due to lack of control. The solution must decrease the time to protection and ongoing overhead to achieve a lower total cost of ownership. Security threats are constantly changing, and the system must adapt to these changes on a constant basis with little to no user intervention.

* Coordination. Security breaches can occur between mismatched technologies, so whenever possible layer the security approach. Since many threats have multiple attack signatures, one layer prevents a certain portion of an attack while another layer catches the rest. The network’s security posture must adapt in unison for comprehensive protection.

* Reduced complexity. To achieve maximum security, solutions must be easy to implement, and the components must work well together; if not, incident detection (and resolution) becomes difficult if not impossible. Vital considerations include time-to-response and automation of appropriate protection.

Consider an evaluation of SonicWall to find all three advantages in your enterprise.
