Though recent months have seen a lot of hype about targeted, high-profile attacks against large businesses and government agencies, most businesses really need to be worried about increases in traditional IT security threats.
That’s the message in the 2012 Security Threat Report, released by security vendor Sophos.
Beyond the most hyped kinds of attacks, these are the five IT security threats that will give businesses the most trouble this year, according to Sophos:
1. Malicious websites – In the second half of 2011, Sophos saw an average of 30,000 new malicious URLs — an increase of 50% compared to the first half of the year. Of those sites with malicious content, 80% were legitimate sites that had been compromised.
2. Worms that won’t go away – Though it first appeared more than three years ago, the Conficker worm is still a serious IT security threat — in fact, the worm represented 15% of all infection attempts seen by Sophos customers in the second half of 2011. The reason Conficker has survived: Though Microsoft released a patch to stop the worm three years ago, too many PCs still haven’t been updated.
3. Mass malware – It’s easier than ever for hackers to spread malware, thanks to so-called crimeware kits: commercially available tools that help attackers infect machines and steal data. Those crimeware kits are constantly updated as new vulnerabilities are discovered and patched, making them difficult to stop. That’s why it’s even more important now to apply patches as soon as they’re available and train users on safe web browsing.
4. Targeted social engineering attacks – In addition to mass malware, Sophos has also seen an increase in targeted attacks threatening IT security. Those threats often arrive via a form of social engineering, such as getting a user to open a malicious email attachment. The malware used for this type of attack is often a stealthy, uncommon threat such as a rootkit, so it’s harder to find and remove — making it essential to train users to prevent infection in the first place.
5. Attacks beyond Windows – The majority of attacks on Windows machines come through PDF or Flash vulnerabilities, rather than attacks on the operating system itself, Sophos says. One reason is that third-party software is often less likely to be kept up to date, which means IT must be vigilant about making sure users’ software is fully patched.