IT security and control firm Sophos has today published its Security Threat Report 2011, analysing cybercrime during the last year and looking at IT security trends to watch in 2011.

A highlight of the report is the findings of Sophos’s latest ‘Social Security’ survey*, which polls computer users on their experiences of social networking security threats.

The survey charts user experience of social networking, particularly in the workplace.

By mid-2010, Facebook recorded half a billion active users, making it not only the largest social networking site, but also one of the most popular destinations on the web.

Unsurprisingly, this massive and committed user base is heavily targeted by scammers and cybercriminals, with the number and diversity of attacks growing steadily throughout 2010 – malware, phishing and spam on social networks have all continued to rise in the past year.

Sophos polled users asking if they had received spam, phishing or malware attacks via social networks.

The survey found that:

“Rogue applications, clickjacking, survey scams – all unheard of just a couple of years ago, are now popping up on a daily basis on social networks such as Facebook,” said Graham Cluley, senior technology consultant at Sophos. “Why aren’t Faceboook and other social networks doing more to prevent spam and scams in the first place? People need to be very careful they don’t end up being conned for their personal details, or get tricked into clicking on links that could earn money for cybercriminals or infect innocent computers.”

Although results vary across the individual networks of Facebook, Twitter, MySpace and LinkedIn, the latest poll suggests that half of those surveyed have been given unrestricted access to social networks at work. Paradoxically, 59% believe employee behaviour on social networking sites could endanger corporate network security, and 57% worry that colleagues are sharing too much information on social networks.

“Total bans on users accessing social networking sites are becoming rarer, as more firms recognise the value such sites can bring in raising brand awareness and delivering social media marketing campaigns,” explained Cluley. “If your business isn’t on Facebook, but your competitors are, you are going to be at a disadvantage. But you have to be aware of the risks and secure your users while they’re online.”

Although 82% of the survey’s respondents felt that Facebook posed the biggest risk to security, Sophos has labelled an attack on the Twitter micro-blogging network as the biggest single social networking security incident of 2010.

The infamous onMouseOver Twitter worm hit the Twitter site in September 2010, and spread like wildfire. The cross-site-scripting (XSS) attack demonstrated how quickly a vulnerability on a social network can affect a huge number of users. High-profile victims included ex-Prime Minister’s wife Sarah Brown, Lord Alan Sugar, and even Robert Gibbs, the press secretary to US President Barack Obama.

Undoubtedly the most high profile IT security story of 2010 was the WikiLeaks saga, which saw a number of Distributed Denial-of-Service (DDoS) attacks launched against companies withdrawing support for the controversial whistleblowing site.

There was also the widely reported Stuxnet worm, linked with targeting SCADA systems used for industrial applications, including nuclear facilities. These exemplify the development of cybercrime from the initial stages of proof-of-concept and mischievous virus-writing, through financially motivated, organised criminal activity – undoubtedly still the primary threat – and finally a third, political motivation – a trend predicted to continue.

France moves to second place in top ten, as European websites host malware

In addition to increasingly prevalent social networking threats, tried and tested cybercrime tactics continue to plague internet users. Although some websites are created with the intention of infecting visitors, legitimate websites continue to be a popular target for attack, as hackers who compromise them can distribute malware to unsuspecting internet users.

The USA continues to be the home of most infected webpages. However, over the past six months alone, European countries have become a more abundant source of malicious pages, with France in particular displacing China from the second spot, increasing its contribution from 3.82% to 10.00% percent of global malware-hosting websites.

“Many computer users still don’t realise that you can wind up with something nasty on your machine simply by visiting a website,” continued Cluley. “Over the year, we saw an average of 30,000 new malicious URLs every day – that’s one every two-to-three seconds. More than 70 percent of these are legitimate websites that have been hacked – this means that businesses and website owners could inadvertently be infecting their patrons unintentionally and without knowledge.”

The full Security Threat Report 2011 contains much more information and statistics on cybercrime in 2010, as well as predictions for emerging trends, and can be downloaded free of charge from the Sophos website.

*Sophos online survey, 1273 respondents, December 2010

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry’s lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs – a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.

Related Posts

No related posts.

Do You Know What Your Kids Are Looking For Online?

Norton looked at the top 100 searches conducted by kids age 18 and under and also broke down results by age and gender. While terms parents would expect their kids to look up, like the blockbuster hit “New Moon” for teens and tweens, and Sesame Street for kids seven and under, made the list, some of the top terms may surprise parents. “Sex” and “porn” made it to the top overall search terms for kids age 18 and under (#4 and #5 respectively). These terms should raise a red flag to parents if they haven’t had “The Talk” with their children about content that may not be appropriate for kids. Kids’ top three overall search terms in 2009 were YouTube, Google, and Facebook. While these sites can be entertaining and educational for kids, parents need to ensure they sit down with their child and talk about what’s appropriate and inappropriate when viewing videos online, searching for information on various topics, and interacting on a social networking site.

Team Jacob Beats Out Team Edward

The recent blockbuster hit “New Moon”, based on the “Twilight” series of books, not surprisingly made kids’ top 100 list of search terms. However, Team Jacob took the lead with the actor Taylor Lautner coming in at #80 and actor Robert Pattinson not even appearing in the top 100.

Girls vs. Boys

While YouTube, Google, and Facebook showed up in the top three of both boys’ and girls’ search terms, boys’ #4 search term was “sex” while girls’ #4 was Taylor Swift. However, girls were still interested in the term “sex,” coming in at #5 on their list. Boys’ top 25 search terms were mainly comprised of social networking sites, shopping sites, adult terms, and games. Girls also showed interest in social networking sites, but their top 25 search terms focused more on music, TV, movie, and celebrity-related terms.

What Do Michael Jackson and Taylor Swift Have in Common?

Michael Jackson was the most popular celebrity kids searched for in 2009, coming in at #12 overall. Taylor Swift came in a close second at #13. When broken down by age, teens (13-18) favored Michael Jackson, while tweens (8-12) and kids seven and under chose Taylor Swift. Other top celebs on kids’ list of searches included Miley Cyrus, Lady Gaga, Justin Bieber, Selena Gomez, Lil Wayne, Megan Fox, Eminem, Beyonce, Britney Spears, Demi Lovato, the Black Eyed Peas, the Jonas Brothers, Rihanna, and Chris Brown. While celebrity searches may seem safe, Norton has observed that cybercriminals take advantage of news and events tied into celebrities, using the topic to lure people into visiting infected websites and opening spam or phishing emails. In 2009, Michael Jackson was one of the most popular targets for cybercriminals.

I Like That “Boom Boom Pow”

While kids seven and under spent most of their time searching for gaming related topics, music topped the list for teens and tweens. Thirty-four percent of teens and 27 percent of tweens searched for music-related terms. Miley Cyrus’ song “Party in the USA” came in as the most searched for song by kids in 2009 with the Black Eyed Peas’ hit “Boom Boom Pow” coming in second.

“When it comes to online threats, parents need to be concerned about more than just their child running into inappropriate content,” said Marian Merritt, Norton Internet Safety Advocate. “What makes OnlineFamily.Norton unique is that it gives parents insight into kids’ online activities and what interests them most so that parents can ensure they have a discussion with them about topics they’re curious about, as well as protect them from cyberthreats.”

Methodology

Between Feb. 2, 2009 and Dec. 4, 2009, Norton tracked a total of 14.6 million searches that were submitted by users of their OnlineFamily.Norton service. The list of search terms was ranked from those submitted most frequently to those submitted the least. Aggregate search terms are collected on an anonymous basis through OnlineFamily.Norton. Search terms cannot be associated by Norton with a specific child, adult, or user account. All personal account information is kept completely separate from the monitoring and reporting functionalities of OnlineFamily.Norton. Personal data is not shared or sold to third-parties or advertisers.

About OnlineFamily.Norton

OnlineFamily.Norton is available at http://onlinefamily.norton.com. While the service is fully optimized for U.S. and Canadian sites, filtering support is also provided for English Web sites in the UK, Ireland, Austria, New Zealand, India and South Africa.

As a Web-based service, OnlineFamily.Norton is able to track the Internet activities of each child in real-time. Parents enjoy peace of mind with instant reporting and the convenience of accessing their account anytime from any Internet-connected device.

About Norton from Symantec

Symantec’s Norton products protect consumers from cybercrime with technologies like antivirus, anti-spyware and phishing protection– while also being light on system resources. The company also provides services such as online backup and PC tuneup, and is a trusted source for family online safety. Friend us on Facebook at www.facebook.com/norton and follow @NortonOnline on Twitter.

About Symantec

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.

Note to Editors: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.

Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

Forward-looking Statements: Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.

Related Posts

No related posts.

About BitDefender®
BitDefender is the creator of one of the industry’s fastest and most effective lines of internationally certified security software. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention. Every day, BitDefender protects tens of millions of home and corporate users across the globe – giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. More information about BitDefender and its products are available at the company’s security solutions press room. Additionally, BitDefender’s www.malwarecity.com provides background and the latest updates on security threats helping users stay informed in the everyday battle against malware.

Related Posts

No related posts.