The Latest Sophos News
Product and Solution Information, Press Releases, Announcements
| Web 2.0 woe - Sophos threat report reveals cybercrime in first half of 2009 | |
| Posted: Fri Jul 24, 2009 01:25:00 PM | |
|
IT security and data protection firm Sophos has published new research into the first six months of cybercrime in 2009. The Sophos Security Threat Report examines existing and emerging security trends and has identified that criminals have increased the focus of attacks on social networking sites. At the same time, the first half of 2009 has seen an explosion in hackers exploiting scareware tactics to con computer users in to paying for bogus anti-virus protection. * Time for social networks to take security seriously * The rise of scareware * USA is the number one country hosting malware on the web * Security Threat Report stats and findings at a glance Time for social networks to take security seriously The Sophos Security Threat Report examines existing and emerging security trends and has identified that criminals are doubly exploiting social networks, using them first to identify potential victims and then to attack them, both at home and at work. In Sophos's opinion, Web 2.0 companies are concentrating on growing their usersbase at the expense of properly defending their existing customers from internet threats. The firm's report - available free for download - reveals that IT teams are worried that employees share too much personal information via social networking sites, putting their corporate infrastructure - and the sensitive data stored on it - at risk. The findings also indicate that a quarter of organizations have been exposed to spam, phishing or malware attacks via sites such as Twitter, Facebook, LinkedIn and MySpace. "What's needed is a period of introspection - for the big Web 2.0 companies to examine their systems and determine how, now they have gathered a huge number of members, they are going to protect them from virus writers, identity thieves, spammers and scammers," said Graham Cluley, senior technology consultant at Sophos. "The honeymoon period of these sites is over, and personally identifiable information is at risk as a result of by constant attacks that the websites are simply not mature enough to protect against." Another worrying finding of the report is the huge increase in scareware being encountered online. Cybercriminals are creating scam websites, offering fake, paid-for anti-virus protection, at an alarming rate. Sophos now discovers fifteen such sites each day, a three-fold increase over the same period in 2008. "Novice computer users are clearly falling foul of this under-handed tactic to capitalise on their fear from infection," continued Cluley. "Your aunt Mabel may be aware that viruses and malware exist and that they're bad, but probably won't be savvy enough to distinguish between legitimate and phony anti-virus protection." USA is the number one country hosting malware on the web (Jan-June 2009) In 2007, China was responsible for hosting over 50 percent of all web-based malware. However, this position has been stolen by the USA. The top ten list of malware-hosting countries in 2009 reads as follows: Top malware-hosting countries Security Threat Report stats and findings at a glance * 22.5 million different samples of malware - almost double the level of June 2008. * Two thirds of businesses fear that social networking endangers corporate security. * New web infections - one new infected webpage discovered by Sophos every 3.6 seconds (four times faster than in first half of 2008). * 40,000 new suspicious files examined by SophosLabs every day. * USA hosts the most malware on the web (39.6 percent). * USA computers relay the most spam (15.7 percent). * 89.7 percent of all business email is spam. |