Reports Show Threats from Cybercrime and Insiders
According to two reports, both cybercrime and self-inflicted security incidents were up last year. The IBM X-Force report shows camouflaging techniques are now used almost 100% of the time by malware attackers, and the Storm worm typifies the problems tracked by researchers. From an IBM press release:
"While computer security professionals can claim some victories, attackers are adapting their approaches and continuing to have an impact on users' experiences," said Kris Lamb, operations manager, X-Force Research and Development for IBM Internet Security Systems. ... All in all, the exploits used to spread Storm Worm are a blend of the various threats tracked by X-Force, including spam, phishing and drive-by-downloads by way of Web browser exploitation."
The report also discusses an increase in vulnerabilities. For a different take on vulnerabilities and patching, see an earlier post on risk management, Security Spending in All the Wrong Places.
Another report described in theThe Chronicle of Higher Education examines security incidents in colleges and finds:
colleges were their own worst enemy. An increased number of colleges last year suffered "unauthorized disclosure" of data—in other words, the unintentional release of sensitive information. Forty-nine colleges reported such accidental disclosures last year, up from 20 in 2006.
Colleges and universities are still valued targets for cybercrime as Eugene H. Spafford, of Purdue Universit, noted in the CHE piece:
"Campus systems continue to be prized because of high bandwidth, number of systems (particularly student-owned), and collections of personal information of people with good credit histories,"
Ironically, lack of user education and training could become a bigger threat to colleges than the cybercriminals on the outside.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
