Internet Security News
Our Internet security news features the latest press releases from the world´s largest online security companies with details of the latest threats to be aware of and, unfortunately, Internet security news relating to significant data breaches. While some organizations will be grateful for the advanced warning of an online threat – and details of how to protect themselves against it – for some the warnings will come too late.
Consequently it is recommended to be protected against all manner of online threats with an email filter and web filter from TitanHQ. Our Internet security solutions prevent users from accessing unsafe sites via phishing emails and malvertising, and from visiting websites that are vulnerable to exploit kits and malware. As many organizations already using TitanHQ solutions would agree, it is better to be safe than sorry.
Dec 9, 2012 | Cybersecurity Advice, Cybersecurity News, Internet Security News, Network Security, Web Filtering
The festive period is almost upon us and, aside from having to deal with the wave of Christmas and New Year cybersecurity threats, it is a time to relax, reflect on the major security events of the year, and plan for 2013.
Lessons have been learned in 2012 and it is up to IT security professionals to ensure that the same mistakes are not made next year. 2013 is likely to see a wave of attacks, a great deal more threats, and many companies’ security defenses breached. Prepare adequately and your company is likely to avoid becoming another security breach statistic.
Online Security Threats from 2012
2012 was an exciting year, certainly as far as data mobility was concerned. Many companies have enjoyed the benefits that come from being able to access data from any location; on any device. Unfortunately, so have cybercriminals.
Widespread adoption of Bring Your Own Device (BYOD) schemes have made workforces much more productive, efficient, and happy. Unfortunately, mobile devices are being attacked with increasing regularity. Personal Smartphones, laptops, and tablets may represent the future of business, but they often lack the necessary security controls to ensure corporate networks remain protected. Cloud computing has also been adopted by many organizations, but not all have made sure their cloud applications are appropriately secured.
There has been an explosion in the number of social media websites. Use of the sites are more popular than ever before, and so are the threats from using the sites. As user numbers have increased, so have the types of malware being developed to exploit users of Facebook, Twitter, Pinterest and the myriad of other sites that have enjoyed an increase in popularity.
Up and coming platforms are being targeted as user numbers increase and established platforms such as Facebook and Twitter are honeypots for cybercriminals. Social media channels and mobile devices are likely to remain problematic for IT professionals charged with keeping their corporate networks secure. Unfortunately, IT security professionals have little control over personal devices, and it is very difficult to stop end users from using their social media accounts at work.
As cybercriminals start using new attack vectors with increasing regularity, security professionals must be alert to the new risks. Listed below are our security threat predictions for 2013. some of the trends that are likely to develop further over the course of the coming year.
Security Threat Predictions for 2013
SQL Injection attacks will continue to increase
There was a rise in the number of successful cyberattacks last year, many of which involved SQL injection – the use of Structured Query Language to gain access to corporate databases. Hackers were able to use this technique to hack into web servers and obtain user names and passwords from corporate databases.
Small to medium size companies are particularly vulnerable as they often do not have the resources available to address all vulnerabilities that can be exploited by SQL injection. However, even very large companies are at risk. In 2012, Wurm Online, a hugely popular online multi-player game, was hacked using SQL injection resulting in the site being taken offline. Yahoo Voices was also hacked using this technique and over 450,000 user logins were obtained by hackers. This attack was caused by “union-based SQL injection”. These attacks were made possible as basic web server mistakes had been made by the companies in question. Both attacks were avoidable.
Ransomware attacks will increase
The past 12 months have seen a rise in cyberattacks using ransomware. Users are fooled into installing malware on computers and networks which subsequently encrypts all company data. Company operations have ground to a halt, with no data accessible without a security key. Those keys will only be provided by the criminals if a ransom is paid. Companies have found they have no choice but to pay the criminals to unencrypt their data. In 2012, a number of hacked GoDaddy websites were discovered to be infecting users with ransomware.
Defenses against this type of malware must be improved. Install spam and web filters to prevent users from installing this malware, and ensure that all data is backed up and policies are developed to recover backed up files. A data breach response plan should be developed to ensure business-critical data is restored promptly.
Increase in amateur cybercriminals using attack toolkits
As we saw this year, you do not need to be a hacking genius to pull off a successful cyberattack. It is possible to rent an attack toolkit with a host of premium features to make it easy to use by virtually anyone. The Black Hole exploit kit is a good example.
Investment in these kits has helped improve their usability and many now include APIs, scriptable web services, reporting interfaces, and even mechanisms to protect the users of the toolkits. By improving the quality of the kits, talented computer programmers have been able to increase the number of individuals able to launch attacks on corporations. There is no shortage of takers, and the investment spent has been well rewarded. Expect more individuals to use these kits and the volume of email malware to increase.
Less damage from security vulnerability exploits
Security vulnerabilities are being discovered with increasing regularity and this is enabling security holes to be plugged before they can be exploited. Protection against exploits is also improving and the next 12 months is likely to see even more advancements in this area. A number of protections have already been developed and implemented to prevent attacks of this nature, such as address space layout randomization, sandboxing, data execution protection (DEP) and trusted boot mechanisms. It is expected to become harder for hackers to exploit security vulnerabilities, although the risk of attack will certainly not be eradicated.
New privacy and security challenges that need to be addressed
The rise in popularity of mobile devices, and the adoption of BYOD by many organizations, has seen data security risk increase substantially. Mobile devices contain numerous security flaws. The devices can be used to track victims with GPS systems and near field communication (NFC) allowing criminals to physically locate their targets. The growth in social media applications for mobile devices is likely to see even more devices compromised. Expect 2013 to see a wave of new attacks on mobile devices and security vulnerabilities in new technologies exploited.
Do you agree with our security threat predictions for 2013?
Dec 3, 2012 | Cybersecurity Advice, Internet Security News, Web Filtering
Small to Midsize Businesses (SMBs) have a lot to gain from joining the social media revolution, and even by allowing employees some personal Facetime at work. There are a number of drawbacks though, and some can be very serious.
Many SMBs are well aware of the potential risks as evidenced by a recent survey conducted by Forrester. Businesses were sent surveys as part of the security study and were asked about social media risk. It was named as one of the biggest security concerns.
If social media accounts are accessed at work, they pose a considerable risk to network security. There is a major risk of suffering a malware infection from social media websites. Accounts can be hijacked and there are issues with staff accessing inappropriate content or posting sensitive information about the company. Data leakage is a concern, and highly regulated industries face greater risks. Healthcare professionals could all too easily violate HIPAA rules.
With all of these serious risks, why would any business permit members of staff to access personal social media accounts at work? Why not just implement a zero tolerance policy, and take action against any employee found to be using social media sites at work? Better still, social media sites could be blocked entirely to prevent all employees from having a sneaky peek at their Facebook accounts!
There are benefits to be gained from allowing social media access in the workplace
Social media access by employees is not all bad news. There are many positive benefits to be gained from allowing staff a little time to access their Facebook, Twitter and LinkedIn accounts at work. Even some YouTube time can be very beneficial. Here are four reasons why a total ban on social media use at work is not necessarily the best option for employers.
A little social media access can improve the productivity of staff!
Employees may be seen to “waste” a little time each day accessing Facebook or other social media websites at work, but the time is not necessarily totally wasted. In fact, some downtime can improve the productivity of employees. How productive would you be if you worked 8 hours straight each day without taking a break? You may be able to do it for a few days each week, but burnout awaits those who try to do too much.
Recent research shows that allowing workers access to their social media accounts can actually increase productivity, and not just a little. A study conducted by the Harvard Business Review showed that productivity increases of 20-25% are possible with a little Facetime allowed each day. Employees can actually get answers to questions much more quickly by using social media and professional networking websites than trawling through websites!
LinkedIn can be used to find new staff members, or encourage the best people to apply for a job. If business accounts are opened and managed, it is much easier to connect with customers, and customer service standards can be improved. The cost of providing those services can also be reduced thanks to social media. The websites are also a great way of communicating with customers and staff.
Social media can give a business a competitive edge
There are reasons why the likes of Google and Facebook give their staff ping pong tables, napping chairs, video games and use bright and bold color schemes in their offices. They improve staff morale, they make employees happier at work and, consequently, staff complain less about having to work incredibly long hours.
OK, we are not saying you should turn your office into an amusement arcade, but allowing employees some time off to use social media sites is not that bad. It is a selling point as well, especially for Gen Y staff. They expect to be able to have some social media time at work.
You probably ban social media access at work, but your competitors might not. One of them almost certainly allows some Facetime at work. It could be the difference between attracting the best workers or just the mediocre ones!
Blocking access to social media websites is not easy
So you want to ban social media use at work. How do you plan to implement that ban? Just tell staff it is inappropriate to access the sites and then turn a blind eye to a little use? Get HR to bring employees in who access Twitter during work time? Purchase a web filter to block access?
A ban must be enforced, access to the sites needs to be monitored, and action taken against offenders. If you have a lapse in adherence to the policy, how will you deal with it? It could well be more trouble that it is worth!
If you operate a BYOD scheme and allow the use of personal laptops or tablets at work, you can’t ban employees from using their own devices to access social media websites outside of office hours. You will still need to implement policies covering use of the sites, even if they are blocked in the office.
Regardless of controls, if employees want to use social media, a ban will not stop them
Implementing a ban does not mean employees will stop using social media at work, it will just be harder to control. Even if you purchase a web filter, such as that offered by SpamTitan, and block access to the sites for all staff members, employees will still access their accounts if they want to. They will just use their Smartphones. You will then lose all control and it will be impossible to monitor how much time your employees are spending on the sites. In fact, a ban could well lead to employees taking more risks, or posting disparaging remarks about your company.
Instead of implementing a total ban, why not look for ways to leverage the use of social media websites, and develop policies to control usage. Even implement software solutions to minimize security risks and give you control over what is accessed via the websites.
Nov 13, 2012 | Cybersecurity Advice, Internet Security News
If you want to access the Internet, you will need a web browser. Unfortunately, the very program you use to gain access to the Net, access your email, and logon to social media sites and online bank accounts could be your downfall.
A vulnerability in Firefox, Safari, Chrome or IE could be placing your data straight into the hands of hackers. Cyber criminals can – and do – take advantage of out of date web browsers to steal data and gain access to computers, mobiles, laptops, and tablets.
It is therefore essential to ensure that your browser is kept up to date. Fail to install updates as soon as they are released and you could become the next data breach statistic.
Insecure web browsers could leave you exposed to a cyberattack
When you purchase a new device, chances are it will come with a browser preinstalled. You should bear in mind that when purchasing a new device, it is unlikely to come with the browser correctly configured, and you will most likely need to install the latest version. Updates are now being issued on a regular basis.
Fail to keep your browser up to date and tweak the security settings is a recipe for disaster. Out of date or insecure browsers can result in malware, spyware, ransomware, and viruses being installed on your device without your knowledge. Even your anti-virus software program may not pick up the infection.
Kaspersky Labs, one of the world’s leading providers of anti-virus software, has recently investigated browser security and has discovered almost a quarter of browsers are out of date. The company assessed the browsers of close to 10 million Internet users from all over the world in 2012, with the data drawn from the Cloud-based Kaspersky Security Network. Over 700 million browser launches were logged by Kaspersky during the period of study.
Kaspersky Labs browser study produces worrying results
Kaspersky Labs analyzed five different web browsers as part of the study and discovered 36 different versions in use. Only five versions were up to date and installed with the latest security patches. Users of Kaspersky Anti-virus solutions were reasonably well protected, with 77% using the latest version of their chosen browser. Unfortunately, 23% were using out of date versions, making them vulnerable to a cyber attack or malware infection. Worse still, 8.5% of test subjects were still using versions that had long since become obsolete. Millions of individuals are therefore at risk of succumbing to web-borne threats.
The process of upgrading a browser to the latest version is a quick and straightforward process, and will ensure the user is better protected against hackers. Why are users not upgrading their browsers? There are many possible answers. Simply putting it off and forgetting is one of the main reasons; however, some users are fearful that they might lose data or bookmarks by updating. Others are worried about losing some of the features they like. Sometimes, the new versions contain bugs and make viewing the Internet that little bit harder (at least initially).
Unfortunately, the reality is that failing to update a browser will leave you vulnerable. It is therefore not really a choice but a necessity, certainly if you care about the security of your device, data stored on it, and the network it connects to.
Oct 31, 2012 | Internet Security News, Network Security, Web Filtering
On November 1, 2012, SpamTitan Technologies will be releasing WebTitan 4.0, the latest version of the powerful web filtering solution for business customers. The new version includes a host of additional features to make it easier than ever before for system administrators to manage Internet usage in the workplace and protect their networks from malware, viruses and cyberattacks.
The latest version includes new controls to manage bandwidth, with advanced reporting features, delegated administration, full transport authentication, and SNMP support. SpamTitan Technologies WebTitan 4.0 also boasts improved white labeling options.
Proxy mode now offers full transparent authentication
When developing WebTitan 4.0, product developers took on board comments from users and incorporated a host of new features to make management easier. The result is the most user-friendly version released to date and includes augmented controls to ensure businesses are better protected.
WebTitan 4.0 offers full transparent authentication when using the product in proxy mode. Users are able to generate advanced reports, as opposed to previous versions when reporting options for transparent proxies was IP based.
Administration functions can be easily configured
New delegated administration functionality has been added to reduce the burden on system administrators. Now the administration of WebTitan can be passed over to any stakeholder in the organization. All controls can be easily configured and individual users can be granted reporting rights, policy management privileges with the option of setting reporting rights to allow individuals to issue Internet usage reports for specific users or user groups.
When administrator rights have been configured, it is possible for reporting and policy management responsibilities to be delegated to individuals who have a better understanding of the best web filtering policies for specific groups of users, ensuring much improved cross-organizational participation.
Ensure enough bandwidth is available for business-critical applications
The latest version offers a host of improved corporate Internet policy functions to ensure that sufficient bandwidth is always available for business critical applications, with the option of setting quotas to prevent wastage. A host of Internet services are now available which can suck up bandwidth, such as video streaming, Internet radio and other media-rich applications.
These services can cause Internet access to slow considerably and often bottlenecks are created that reduce productivity. The new version has far greater granularity that allows users to allocate resources more efficiently and make considerable cost savings.
As Internet functions have evolved, the management of web filtering has become much more complex. Managing users and user groups can therefore be a major headache for system administrators. One of the main aims with the new release was to ease the administrative burden on system administrators. Web filtering can now be managed much more efficiently.
SpamTitan Technologies WebTitan 4.0 includes more complex functions, yet the user interface and controls are more intuitive and easier to learn. CEO of SpamTitan, Ronan Kavanagh, said the latest version has been created to “ensure our customers get the best end user web experience while organizations are fully protected from all malware as it emerges.”
The latest version makes it easier to add company branding to WebTitan. White label versions can be supplied to allow businesses to add their own branding and create a web filtering solution that matches the look of other systems used by their organization. Full SNMP support is also now included.
Competitive Pricing and a 30-Day No-Obligation Trial
Licenses for WebTitan 4.0 can be purchased to suit the needs of the business. There is no need to pay for IP addresses that will never be used. WebTitan 4.0 has a flexible banded pricing structure. Businesses can just pay for the number of end users who require Internet access.
The new version of WebTitan is now available for download with the option of a 30-day no obligation demo license for new customers.
The full licensed product starts from only $850 (WebTitan for Vmware 4.0 /WebTitan ISO). Previous purchasers with current licenses are able to upgrade to the latest version for no extra cost.
SpamTitan Technologies
SpamTitan Technologies is a provider of web filtering and email security solutions for the enterprise. The company, based in Galway, Ireland, offers a comprehensive suite of software options for small to medium sized organizations that offer protection from spam, phishing and other email and web-based data security threats. Customers can implement solutions that can be tailored to the unique needs of their businesses and receive excellent protection from malware, viruses, phishing, Trojans, and spambot attacks. Users can also be prevented from viewing undesirable web-content using WebTitan secure Internet filtering solutions.
The company uses next-generation virtualization software that can be easily implemented, operated and maintained, without the need for expensive and unwieldy hardware. The latest versions of the company’s popular software give system administrators excellent versatility and flexibility. The enhanced functionality and protection capabilities of WebTitan 4.0 can also be provided at an extremely competitive price.
Oct 15, 2012 | Internet Security News, Social Media, Web Filtering
A recent survey conducted by SpamTitan Technologies indicates the vast majority of companies are prepared to terminate the contracts of employees for inappropriate social media use, such as exposing confidential data on social media networks. The corporate social media usage study showed that 87% of respondents would consider firing an employee for inappropriate social media use if company policies were violated.
Only 16% of companies think social media use at work is acceptable
The use of social media channels during work time is frowned upon by most companies. Many turn a blind eye to a little social media time during the working day, but only 16% of organizations taking part in the study said that they actually think it is acceptable for the staff to spend some time on Facebook, Twitter, LinkedIn and other social media networks.
The threat of termination of employment contracts for misuse of social media, in particular the posting of confidential information or disparaging remarks about an employer, is not an empty one. According to a study conducted by Osterman Research, one company in six has already made the decision to terminate at least one employee’s contract for inappropriate use of social media in the workplace.
With the rise in popularity of websites such as Facebook, Twitter and LinkedIn, it is understandable that members of staff with Internet access are tempted to spend a little of their working day checking their accounts. For many employers the main issue is not the loss of productivity that occurs as a result of inappropriate social media use. It is the security threat that inappropriate social media use introduces.
Malware is rife on Facebook
Social media websites are a honeypot for cybercriminals and malware is rife on the sites. Online criminals trawl Facebook, Twitter and LinkedIn looking for corporate data, while phishers seek information that can be used to conduct spear phishing campaigns.
Twitter now has 145 million active users and Facebook has 845 million users around the world. Many of these users are accessing their accounts during working hours too. Osterman discovered that 36% of employees use part of their working day to check Facebook and that figure has increased by 28% over the course of the past year. Twitter and LinkedIn are also being used at work. There has been a 6% jump in Twitter use and a 7% hike in LinkedIn use in the workplace over the course of the past 12 months.
With so much social media use, it is clear that any company that has yet to develop a policy on acceptable use of social media networks during working hours will have to do so soon. Interestingly, while almost one in nine companies would be prepared to fire an employee for inappropriate social media use, only 22% actually have a policy in place covering the use of social media sites at work.
Facebook, Twitter, LinkedIn and YouTube use carry major risks
The loss of productivity resulting from personal Internet time is considerable. A recent ISACA survey conducted on “Shopping on the Job” revealed that 40% of companies said the loss of productivity as a result of employees using websites for personal reasons was costing them at least $10,000 a year.
There is also the potential for damage to a company’s reputation. Take Domino’s Pizza for example. The company has just been forced to fire employees for posting a video of them playing with customer’s food at work. Even the clergy is not immune. A bishop was recently issued with a suspension for posting disparaging comments online – in this case the comments related to the Royal wedding of the Prince of Wales and Kate Middleton.
Perhaps the most damaging aspect of inappropriate social media use at work is the threat to corporate security. Facebook in particular is being used by unscrupulous individuals to spread viruses and malware. A link contained in a post about the latest viral video is sure to attract a lot of clicks. If that link directs people to a website containing malware, malicious software could easily be downloaded to a work computer. Installed malware could then be used to launch an attack on a corporate network.
How to control social media usage and protect corporate networks
There is no single solution to the problem of inappropriate social media use that can be adopted by all companies. Banning social media use entirely may be neither practical nor appropriate. Use of the networks can offer advantages, but the cons will outweigh the pros unless usage is monitored, managed and controlled. An Internet security policy is therefore essential to combat the increasing risk from viruses and malware. Companies are also advised to install a web filter. This will at least prevent users from visiting malware-ridden websites. It can also be used to block access to social media websites at work, should that be required.
Sep 18, 2012 | Cybersecurity Advice, Internet Security News, Web Filtering
Unsurprisingly, the launch of the iPhone 5s has had seen people queuing outside Apple stores for hours upon end in the hope they will be one of the first to get a new Apple device. Apple aficionados do get excited about the launch of a new device, and the Apple iPhone 5s is no exception. The company has reportedly sold 2 million units, and that was in the first 24 hours after the release.
Interest in the devices has been so high that buying a new iPhone 5s means a long wait is required. Many early purchasers will have to wait a number of weeks before their new phone is delivered. Apple couldn’t make enough available for the launch. Unfortunately, cybercriminals are taking advantage and have launched a number of iPhone 5 phishing scams.
Many iPhone 5 phishing scams have now been launched
Cybercriminals also love Apple devices. In particular, the launch of a new Apple device. They take advantage of the hysteria and send huge volumes of spam and phishing emails to would-be purchasers, advising of special offers and discounts, must read information about the new device, and news of fake competitions. In the run up to the launch we have seen many new email scams aimed at Apple fans. Scammers have used the media hype surrounding the iPhone 5 launch to their advantage.
Apple knows how to launch a new product. Few companies do it better in fact. In the run up to the launch, only a limited amount of information on the device was issued. Just enough to get Apple fans salivating. As the launch date drew closer, more information was released. They built interest in their product, anticipation was high, and when the launch date arrived, the product sold by the million.
Scammers take advantage of the anticipation, supply shortages, and long wait times. Spam email campaigns have accompanied the launch of this year’s hottest new product, with a number of spam and phishing emails already captured by SpamTitan’s spam and web filtering software. Some of the iPhone 5 phishing scams include:
- Fake delivery notifications
- Phishing websites set up to coincide with the iPhone launch
- Fake special offers and discounts on the new iPhone 5s
- Bogus competitions to win a new iPhone
We are expecting many more over the coming weeks.
Not everyone is good at identifying a phishing email
If you are in charge of your company’s email security, or if you work in an IT department, you will probably have a very good understanding of spam and phishing emails and can probably identify even the most convincing campaign. Unfortunately, the same probably cannot be said of the end users in your company, many of whom will be so excited about the launch that they will click any email link about the new device.
There is a high risk of end users clicking on links to websites containing malware and of opening infected attachments. It is therefore a time to be ultra-cautious. If one employee falls for a scam, it will not just be their computer that is infected. They may inadvertently compromise your network.
In order to address the risk, employees must be warned about the new scams and training should be provided to make sure they know how to recognize spam, phishing emails and iPhone scams. Even if training has already been provided, it is a good time to send out some refresher emails. You may even want to test their knowledge and send out spoof phishing emails to find out just how many people click the links. This is the best way to determine if your training has been effective, and which employees need some extra tuition.
Have you fallen for one of the iPhone 5 phishing scams? Have you identified any new iPhone 5 phishing scams? Please let us know!
Jul 19, 2012 | Cybersecurity Advice, Internet Security News, Web Filtering
New research indicates the threat from phishing is growing at an alarming rate, with thousands of new malicious websites being created every week. Detection rates of new phishing sites are also increasing, thanks to new software introduced by the Anti-Phishing Working Group (APWG).
APWG is a pan-industrial not-for-profit organization dedicated to improving Internet security. The organization works alongside law enforcement to reduce identity theft and make it harder for online criminals to operate. One of the ways it achieves its aims is by finding new websites set up by cybercriminals to obtain login names, passwords and other sensitive information from Internet surfers.
A recent report issued by APWG shows an alarming rise in the number of new phishing websites, indicating cybercriminals are concentrating on this attack vector to obtain the data necessary to commit fraud and steal identities.
In the month of February alone, 56,859 new phishing websites were detected. This rate of detection has not been achieved since August 2009. February’s count of new phishing websites was 1% higher than the organization’s August 2009 figures. While this suggests there has been a major increase in cybercriminal activity, the company’s new detection software may account for the rise in detection. That said, the threat from phishing is certainly growing.
What does a phishing website look like?
The reason that phishing websites are so dangerous is they look exactly the same as legitimate websites. Criminals are investing a considerable amount of time and money into creating spoof sites that are highly convincing. Big brand name websites are now being spoofed, with Amazon and E-bay just two of the major retail sites that have had fake versions created to fool users.
It is not only the retail industry that is being affected. Criminals have created phishing websites that look the same as those of major banks and financial institutions. If users can be fooled for long enough to attempt to login to the websites, criminals will obtain their credentials and be able to make bank transfers. Huge sums of money can be transferred and withdrawn by criminals before the victims even realize.
The majority of the fake websites discovered by APWG were located in the United States. Over half of those websites used the brand names of large organizations to fool users into revealing their sensitive information. This is achieved by creating a website that looks very similar to the brand being spoofed, with the domain name also featuring the brand name.
Security software identifies phishing websites and neutralizes the threat
There may now be more phishing websites than ever before, but fortunately action is being taken. When new sites are identified, the companies hosting those sites are alerted and the websites are closed down. Hackers and other cyber criminals may be devising more sophisticated ways of obtaining sensitive information from businesses and consumers, but detection software is also becoming more sophisticated. Companies such as SpamTitan Technologies have devised software that can rapidly identify phishing websites, allowing the threat to be neutralized. However, the volume of these malicious sites is such that even with rapid identification, it is not possible to totally eliminate the threat they pose. All that can be done is to use a web filter to prevent Internet users from visiting these websites.
Employees are not reporting phishing emails and websites to their IT departments
Many companies have developed policies which require members of staff to report suspicious emails and websites to their IT departments. By sending a quick email, the IT department can ensure that the threat is neutralized. Unfortunately, despite these policies existing, they are not being followed by all members of staff.
SpamTitan conducted a survey earlier this year which revealed that 70% of organizations had suffered losses as a result of phishing and spear phishing emails that had not been reported to their IT department. If staff members receive security awareness training, and report attempted phishing attempts, the emails can be deleted promptly to neutralize the threat. A failure to report those emails is likely to see some members of staff fall for the scams.
Many of these phishing scams seek to obtain access to sensitive data in order to commit fraud against individuals. If criminals can gain access to a business network, they can potentially obtain sensitive information from the entire workforce. The loss of data and system downtime can cost companies millions of dollars. When customer or healthcare data is stolen, the costs of resolution can be even higher. Theft of customer and patient data can trigger a wave of class-action lawsuits and result in regulatory bodies issuing heavy financial penalties.
What is the solution?
The cost of data breach resolution is considerable, but it does not cost a small fortune to take proactive steps to reduce the likelihood of a data breach being suffered. If organizations are proactive and implement a range of security measures, the risk of cyberattacks and data breaches can be effectively managed.
It may not always be possible to prevent phishing emails from reaching inboxes, but it is essential that employees are security aware and know how to identify suspicious and malicious emails in case they are delivered. There must also be an easy way of reporting such emails so that prompt action can be taken to neutralize the threat.
What security measures can be implemented to reduce the risk of a data breach?
Robust, multi-layered security defenses can be implemented to protect data and networks from attack, although there is no single solution that will work for all organizations.
Some of the measures that can be implemented to keep networks and data secure include:
- Encrypt all customer, client and patient data stored on networks
- Devise a secure password policy and ensure that it is enforced
- Make sure users change their passwords every 3 months
- Conduct security awareness training
- Issue cybersecurity bulletins to alert employees to new risks
- Purchase a robust email spam filter to stop phishing emails from reaching inboxes
- Use web filtering to restrict the websites that can be visited by employees
- Perform regular risk assessments to identify new security vulnerabilities
- Ensure anti-virus and anti-malware solutions are installed on all devices connected to a network
- Make sure all software and virus/malware definitions are updated regularly
- Conduct periodic security audits to check for malware and viruses that have inadvertently been installed
Mar 20, 2012 | Cybersecurity News, Internet Security News, Web Filtering
The threat posed by hackers and online criminals is very real, but reports of instances of cybercrime may not be very reliable. When cyberattacks are announced the data can be used to estimate the current threat level. Unfortunately, not all cybercrimes are reported by companies, and even IT departments are often unaware that employees have become victims of phishing campaigns.
In certain industries, the reporting of cybersecurity incidents and data breaches is mandatory. Take the U.S healthcare industry for example. Legislation has been introduced – The Health Insurance Portability and Accountability Act (HIPAA) – which makes it a criminal offense not to report a breach of patient data. If an organization is discovered to have violated the HIPAA Breach Notification Rule, a heavy fine can be issued by the Department of Health and Human Services’ Office for Civil Rights.
The Federal Trade Commission and state attorneys general can also issue fines. Criminal charges can also be filed against individuals for willful neglect of HIPAA Rules. Consequently, it is in the best interests of organizations to report cybersecurity incidents. The data breach reports submitted to the OCR can therefore be relied upon to be reasonably accurate, and it is possible to build up an accurate picture of the state of data security for the healthcare industry.
However, not all industries are so well regulated. A similar data breach suffered by a software company or mining operation may see the organization keep the crime quiet. Announcing a security breach has potential to seriously tarnish a brand.
If you had a choice between one company that had suffered a data breach that exposed sensitive customer data, and one that had not, which company would you choose (all other things being equal)?
Should the reporting of cybersecurity breaches be mandatory for all businesses?
Many privacy and security professionals believe it is essential to report cyber threats and security breaches as the sharing of information can be invaluable in the fight against cyber crime. Intel sharing could make the difference between a threat being rapidly neutralized and many other organizations suffering data theft. This is an ethical responsibility. Should it also be a legal responsibility as well?
The United States has been proactive in the fight against Internet crime. The government and law enforcement agencies are well aware of the importance of sharing intelligence in order to tackle the increasing cybercrime threat.
In 2000, the Federal Bureau of Investigation, the National White Collar Crime Center, and the Bureau of Justice Assistance formed a task force which was dedicated to fight Internet crime. The Internet Crime Complaint Center (IC3) serves as a centralized hub that receives complaints about Internet crime and processes threat intel received from American citizens and U.S businesses. All leads received are passed on to the appropriate federal and state-level law enforcement agencies. The data received by IC3 has been instrumental in bringing thousands of Internet criminals and fraudsters to justice.
IC3 also ensures that individuals and companies suffering losses as a result of the actions of online fraudsters have someone to contact to report the crime. Other countries have started to develop task forces that perform a similar function. Victims of cyber crime are being given a single point of contact to report fraud, scams, identity theft and online extortion, and the intelligence gathered can be used to bring the perpetrators of these crimes to justice.
Harsh Penalties await Online Fraudsters and Cybercriminals
In the United States, online criminal activity carries stiff penalties. New legislation is introduced regularly to increase the punishments for individuals who turn to the Internet to commit crimes. These include:
Spamming: Under the CAN-SPAM Act, spamming is punishable with a minimum fine of $11,000. Depending on the method used to send email spam, the penalties can be much more severe. The use of spambots to collect email addresses can result in jail time, as can the unauthorized use of a computer to send spam emails.
Hacking: Hacking is a federal crime that carries stiff penalties. These are linked to the seriousness of the crime, but a spell of up to 20 years is jail is possible, as well as very heavy fines.
Identity Theft: The penalty for identity theft has recently been increased, with individuals able to be sentenced to 5 years in jail. Aggravated identity theft sentences must be served consecutively to any other sentence issued.
Make sure employees are aware of procedures to follow if a security incident is suffered
Employees falling for phishing campaigns – if they are even aware that they have – may also choose not to report the incident to their managers or IT departments. Individuals may be worried about looking stupid or, worse still, losing their jobs.
However, it is essential that all potential security incidents are reported internally. Organizations should make sure the staff is aware that the reporting of security breaches, email scams and phishing campaigns is essential to protect the business. Internal security policies must exist, and members of staff must be made aware of the correct actions to take if they have fallen for a scam, revealed sensitive information, or have received a suspicious email. Oftentimes, fast action can make the difference between huge financial losses being suffered and the threat being neutralized before any damage is caused.
While law enforcement bodies may need to be alerted to instances of identity theft and phishing campaigns, employees should have a single person within their company to whom security incidents can be reported. Every employee in an organization must be made aware of the urgency required and the individuals who must be alerted to suspicious emails and potential criminal activity. If the staff is security aware and acts appropriately, major cybersecurity losses can be prevented.
Feb 21, 2012 | Internet Security News, Social Media, Web Filtering
A new study recently published by Osterman Research indicates there are major Facebook malware risks that many companies are not aware of. Furthermore, those risks are very real. 24% of companies have discovered malware has affected their corporate Facebook pages.
The risk of malware affecting corporate social media pages is considerable, with Facebook the main social media network that has been attacked by criminal gangs. LinkedIn and Twitter can also be risky, but only 7% of companies have had their Twitter and LinkedIn accounts infected.
The problem could actually be far worse. The study revealed that many IT security professionals were not even aware if their social media accounts had been hacked or infected with malware because they never check.
Employees social media use during working hours has increased significantly
Researchers at Osterman discovered the use of social media sites by employees during working hours had increased significantly over the past year. The survey results revealed that 36% of employees of corporations were accessing their Facebook accounts during office hours. Last year the figure stood at just 28%.
Use of Twitter during working hours is also increasing. Last year, 11% of employees were using Twitter at work, while this year the figure has risen to 17%. The same is true for LinkedIn, with employee use rising from 22% to 29% over the same period.
Employees are a major risk to corporate network security
It is clear is that social media accounts are being targeted by hackers and cybercriminals; and, as the sites grow in popularity, the problem is only likely to get worse. Furthermore, when employees access social media sites at work they could be placing corporate networks at risk.
As more employees use social media sites during working hours, and more time is spent by individuals on those sites, the risk to data security increases. Personal information is being shared on the sites, but some employees are also sharing corporate information. Sometimes this is deliberate, other times potentially sensitive data is unwittingly shared.
Criminals trawl social media websites looking for information to launch spear phishing campaigns
A great deal of information is being posted on social media accounts. Some users choose to share their posts only with their nearest and dearest. However, friends of friends can also view posts in many cases, and even individuals who are careful about who they accept as friends, may find their content read by friends who have a much more carefree attitude when it comes to accepting new friend requests. Oftentimes, posts are made public and can be viewed via the search engines by anyone with Internet access.
Criminals are now using the wealth of information that is freely available on these social media sites to build up a considerable amount of knowledge on individuals. That information can then be used to launch highly convincing spear phishing campaigns. Those campaigns can result in user accounts being compromised, and malware being installed on the devices used to access the sites. If the site is accessed on a work computer, corporate networks could also be threatened.
Many Facebook posts contain links to phishing and malware-ridden websites
Facebook posts and pages contain useful information, details of great products, excellent jokes (occasionally), funny memes, and cool viral video content. Unfortunately, there are also links to very nasty websites. The content may be great, but they can be a serious security hazard. Just clicking on the links could result in malware being downloaded. The problem is, it can be very difficult to tell which websites malware-free and which should carry a public health hazard warning.
An administrative assistant may click on a link, but so could an account executive, IT security professional or even a CEO. All business users could potentially fall for a scam, or be convinced to visit a website as a result of reading a post, only to end up downloading a Trojan, keylogger or nasty piece of ransomware.
Many users are not particularly security aware and end up sharing passwords between personal online accounts. Unfortunately, many also use the same passwords to access their work computers as their own personal accounts.
Even when password policies exist that force employees to use strong passwords, if malware has been downloaded onto their work PC’s that contain keystroke loggers, even unguessable passwords will be revealed. Once this information has been sent to hackers’ control and command center, attacks on corporate networks can easily be launched. Should the password and login of a member of the accounts department be obtained, company bank accounts could well be emptied.
Social media malware and phishing protection is essential
All users of corporate social media accounts must exercise caution when visiting social media websites and employees must take care not to inadvertently place their employer’s network at risk of a cyber attack. Due to the high security risk, it is essential that social media use (and email for that matter) is monitored closely.
Companies that develop policies covering the use of social media websites at work are likely to be better protected from malware. Employees must also receive training on acceptable uses of social media at work and must be informed of the potential risks and social media best practices. They may be using their personal accounts at work and this could impact work computers and networks. If they are not made aware of the risks, they are likely to continue to engage in risky online behavior.
Fortunately, there are a number of tools that can be used to reduce the risk of malware infections via social media websites. Spam filters can be used to protect users from phishing campaigns sent via email and web filters can be employed to prevent users from visiting websites that are known to be risky.
Alongside training of the staff on good security practices such as archiving old emails, risks can be kept to a minimal level. If little effort is put into security, and use of social media websites is not overseen, organizations will be leaving themselves wide open to cyberattacks. Those attacks are likely to cost far more to resolve than it would have cost to pay for security training and a spam and web filtering solution.
Aug 15, 2011 | Internet Security News, Web Filtering
There was a buying frenzy following the release of the new .xxx suffixed domains. Pornographers, Internet marketers and entrepreneurs competed to secure the hottest and rudest of them. The first of the .xxx websites have now gone live, there has been further talk about compartmentalization of the Internet, with the possibility of all pornographic websites being confined to those sites with a .xxx suffix. However, will the .xxx domains make web filtering pornography any easier?
ICAN releases .xxx domains for sale
The Internet Corporation for Assigned Names or ICANN as it is better known, created the new top-level Internet domain specifically for websites of an adult nature. The long term view was to eventually move all pornographic websites to the xxx domains. This could clean up the Internet and make it much easier for parents and businesses to block pornographic websites. It is, after all, much easier to block a single domain type than to implement web filtering to prevent all websites containing pornographic material from being viewed. IT security professionals and individuals who want to stop porn from being accessible via their computers, phones, and tablets could therefore just block the xxx extension.
There is a problem of course. Owners of adult websites have been buying up new domain names in the thousands, but will they redirect their current .com, .co.uk, .org and .net sites to the new .xxx domains?
Of course they won’t. They’ve just been given even more domain names to fill with pornography, and any redirects are likely to come from the .xxx domain names back to their main, well-established websites.
Unless laws are introduced to force purveyors of adult content over to the new domains, the online adult entertainment industry will simply not make the switch. Some firms will undoubtedly activate their new xxx websites, but unless everyone does, the initiative will be seen to have failed and web filtering pornography will be no easier.
Will the XXX domains make web filtering pornography any easier?
Potentially, the creation of the new domain will make it easier to filter some adult sites, so it will make the job of web filtering a little easier. Advocates of the new domain claim that the creation of these sites is a step in the right direction. The .xxx domains will make it easier to filter adult content (and easier for people who want access to the sites to remember the correct suffix). At some point in the future, laws can be introduced to force adult content into an easily blocked section of the Internet.
However, cynics will quite rightly point out that current website owners who have invested a considerable amount of time, resources and money into promoting their .com sites and building links are not going to let all that effort and investment go to waste. The new domain suffix may therefore just have given pornographers the opportunity to create a lot more websites.
There is another problem. Many individuals and companies make a living out of buying up domain names in the thousands. These cybersquatters purchase domain names at a low price, at $10 a pop for instance, and then list them for sale for hundreds or thousands of dollars. They buy up existing companies’ brands and will only sell them on if their asking price is met. Many companies will therefore not be able to buy the .xxx equivalent of their current site.
Do you think the creation of the new domains will help with web filtering pornography any easier? Will Internet surfers still be bombarded with pornography?
