To reduce risk of data breaches, enterprises require a clear understanding about where their sensitive data resides and how it is being used. With this insight, enterprises will be better placed to identify gaps in their strategy, better equipped to define their requirements and better prepared to implement a data governance plan that will reduce their risk posture.
Is there anything else you’d particularly like to add which you believe to be relevant to our discussion?
While the spotlight on the growing threats in the mobile security landscape is expected to remain, Symantec ISTR XVI has also uncovered the following additional new key global findings that may impact public sectors:
• Social networking + social engineering = compromise. Social networks continue to be a security concern for organisations as companies and government agencies struggle to find a satisfactory compromise between leveraging the advantages of social networking, while limiting the dangers posed by the increased exposure of potentially sensitive and exploitable information. One of the chief concerns is the popularity of shortened URLs. Attackers can capitalise on these services because their potential victims are unable to quickly determine where the URL will send them, potentially leading to a phishing scam or malware infection. A favourite method used to spread an attack from a compromised social networking profile is to post links to malicious websites from that profile so that the links appear in the news feeds of the victim’s friends. In 2010, 65 percent of malicious links in news feeds observed by Symantec used shortened URLs globally.
• Hide and seek (Zero-day vulnerabilities and rootkits). Though not always necessary to carry out effective targeted attacks, zero-day vulnerabilities often play a role. In 2010, Symantec observed 14 new zero-day vulnerabilities, an increase from 12 in 2009. Stuxnet is a good example of this as it used an unprecedented four of these zero-day vulnerabilities. All vulnerabilities can pose a risk. Symantec documented a total of 6,253 new vulnerabilities in 2010, more than in any previous reporting period. The number of new vendors affected by a vulnerability also increased to 1,914, a 161 percent increase over 2009. Attackers also leveraged rootkits to evade detection, allowing the threat to remain running on a compromised computer longer and increase the potential harm it can do. Current frontrunners in the rootkit arena are Tidserv, Mebratix and Mebroot.
• Attack kits get a caffeine boost. While targeted attacks are focused on compromising specific organisations or individuals, attack toolkits, on the other hand, attempt to exploit anyone unfortunate enough to visit a compromised website. In 2010, attack toolkits continued to see widespread use with the addition of new tactics. Globally, the number of Web-based attacks per day increased by 93 percent in 2010 compared to 2009. In addition, since two-thirds of all Web-based threat activity observed by Symantec is directly attributed to attack kits, these kits are likely responsible for a large part of this increase.
Sign up for Computerworld eNewsletters.