And the Academy Award for the most dangerous search term goes to…

The team at Norton have been busy digging through the gossip since Sunday’s glamorous Oscar ceremony. They weren’t just looking for juicy rumours though; they’ve been looking for malware around the Academy Awards.
Cybercriminals often take advantage of public interest in both individual celebrities and world entertainment events, so it is no surprise that when the two combine, crooks get busy infecting websites. Norton found that around 50% of Oscar-related internet search results lead to “poisoned” sites.
Some of the most dangerous search terms (and the percentage of infected results) include:
- “Oscar 2010 Winners” – 60% infected
- “Music By Prudence” – 58% infected
- “Kathryn Bigelow height” – 48% infected
- “Sandra bullock Meryl Streep kiss” – 43% infected
Criminals predict public curiosity and infect pages that contain key words with malware. When a victim clicks through on links from search engines they inadvertently end up with their computer infected with a virus or inundated with pop-ups for fake, and in some cases dangerous, “anti-virus software.”
When searching for anything online, Oscar-related or not, it is important to be on guard. Make sure you have legitimate antivirus software that includes all the latest updates, and if you don’t, make sure you buy software from a reputable source.
Abigail Lovell
Photo by Flickr user Zadi Diaz, licensed under CC BY 2.0.
Importance of end-to-end encryption in the retail space
Our attention was caught recently by an interesting article on Retail Week by Verifone, which examined the importance of credit and debit card protection in the retail industry. As Verifone quite rightly points out, the theft of credit and debit card details is a highly lucrative activity and its popularity is growing rapidly worldwide. Indeed, our recent State of Enterprise Security Report revealed that 75% of enterprises have experienced a cyber attack in the past 12 months and that the average associated cost over the year for such attacks was as high as $2 million – some pretty striking statistics.
Furthermore, the nature of credit and debit card theft is becoming increasingly sophisticated such that retailers will often process a payment transaction and not even be aware that a data breach has occurred – something that could have a serious impact not only on a retailer’s revenues, but also on their brand reputation. With such serious consequences at risk, Verifone states that it is time for companies to go beyond Payment Card Industry Data Security Standard (PCI DSS) guidelines, and secure entry points across the entire transaction chain.
The article has some good advice to offer retailers and, with cybercrime continuing to grow at such a rapid rate, it’s advice that retailers simply cannot afford to ignore.
Dominic Cook
UK ID fraud cases jump a third as malicious insiders turn to cybercrime
ID fraud in the UK has increased by nearly a third (31.79 per cent) in 2009, according to a new report from CIFAS, the UK’s Fraud Prevention Service, as compromised identity details continue to be sold over the internet. The report points to an increase in gangs using collusive staff within organisations to steal personal data online for criminal gain. The CIFAS findings are gathered from its 265+ members across industries including banking, retail and telecoms.
Businesses need to be better protected against the dangers of the enemy within, particularly in industries such as finance and banking, where the value of the personal data held in online databases can be incredibly high. Our recent State of Enterprise Security report found that 40 per cent of businesses experienced a high number of internal, malicious attacks in 2009. In addition, a great deal of damage was also done unintentionally by staff, with 39 per cent of IT managers surveyed saying it’s a ‘high’ or ‘extremely high’ problem.
IT security was, for many years, focused on protecting against external threats and attacks. While those threats still remain, a more insidious threat – the malicious insider – has been steadily rising. The fact that cybercriminals are so well networked within UK businesses in order to bring about this kind of ID fraud points to their increased professionalism and savviness.
Symantec recommends that companies assess their policies and processes around employee access to sensitive data ensuring that they are appropriate for the employee’s position and are enforced and regularly reviewed. It advises that data loss prevention (DLP) solutions that offer protection at the endpoint, network and storage levels can also help.
Andy Ng, Data Loss Prevention Consulting Manager for EMEA
The Butterfly effect – Mariposa
A virus-infected network of nearly 13 million computers around the world has been smashed by Spanish police. The Mariposa, or Butterfly, botnet included PCs inside more than half of America’s 1,000 biggest companies and more than 40 major banks.
Our colleague Vikram Thakur recently wrote a blog about the threat. Symantec has been tracking the threat since October 2009. At that time, a security company had reported that a large number of Fortune 100 companies had been infected. The same firm has worked with authorities in arresting alleged key members of the botnet ‘ring’.
Symantec products detect this malicious worm under multiple names, the most prominent of which is W32.Pilleuz. Pilleuz and its variants have been extremely active over the past several months. The threat itself has multiple capabilities and is able to spread via USB devices, instant messaging clients, and P2P. It has the ability to steal credentials and personal information, as well as accept commands from its command-and-control (C&C) server. One such command could be to flood network traffic to a certain domain, thereby performing a distributed denial of service (DDoS).
Details about what role the arrested people played in Pilleuz’s day-to-day operations are still sketchy. We’re hopeful that the arrests will have a significant impact on the infections Symantec is seeing.
The RSA Conference – Cloud, devices & social changing the game?

The weather may still be cold in London, but San Francisco has been hot this week, especially for the security industry. The USA RSA Conference is one of the premier security events, educating and connecting security professionals from around the world.
Symantec’s CEO Enrique Salem took the stage earlier in the week as one of the keynote speakers.
He discussed the information economy, and how this decade will change the way we think about it. The two major trends Enrique thinks will change the information economy significantly are the adoption of cloud computing and the explosion of digital devices. Along with the rise of social media, these trends make a trio that are linked and will accelerate the need for an information-centric approach to security.
All three rely on trust, and that trust requires security, privacy and compliance measures in place so that information can be accessible by the right people, on any device and from any place in order for the information economy to reach its full potential.
I found this really interesting. Enrique said that security is not only about putting up higher walls around information or locking down devices, it is about delivering solutions that provide trust and confidence. And he also spoke about how it is an opportunity for the security industry to enable, nurture and navigate through this future of the information economy.
It would be great to know what you are doing in your organisation to securely allow information to flow freely between the right people. What has changed over the past five years and what predictions do you have for the next five?
Abigail Lovell
Financial Data and the Mobile Generation
Last week we blogged about a report forecasting an increase in people using mobile devices to interact with their banks. At around the same time, Cisco also announced the findings of its US retail bank study, looking at How the Post-Crisis Financial Needs of Younger Consumers Will Transform Retail Banking Services.
The report looked at US Generation Ys, defined as being born between 1980 and 1992, and found that 97 per cent use mobile phones, a number that’s likely to be very similar in the UK – not surprising, you might say. The really interesting finding is that Gen Y consumers are four times more likely than ‘boomers’ and ‘silvers’ (those born before 1960) to have posted a question about financial matters to a blog or online forum. Furthermore, 40 per cent of Gen Y customers use web-based personal financial management tools to manage expenses, reduce debt, and maximise long-term savings.
Generation Ys across the pond are clearly making the most of mobile technology to handle their finances, as they are most likely doing here in the UK.
As we blogged last week, more and more valuable information, like bank account numbers or passwords, is being stored on devices such as smartphones, and this is presenting increased opportunities for cybercriminals. The banks who are offering mobile services need to ensure adequate security measures are in place and, most importantly, that Gen Y and other users who want to take advantage of the benefits and convenience of mobile banking are better educated about how to keep their data safe.
Photo credit: D Sharon Pruitt
Is online security hindered by computer jargon?
Whether computer jargon is creating a barrier preventing people from learning how to protect themselves online is a discussion taking place at this week’s EastWest Institute meeting of global security experts. The EastWest Institute is a ‘think-and-do tank’ dedicated to debating pressing global security concerns and working with a network of individuals, institutions and nations to discuss and implement solutions.
The importance of using plain language to discuss computer threats isn’t a top priority of their seventh annual Worldwide Security Conference, headlined by Pakistan’s Foreign Minister, but it is still an important conversation.
“We use a lot of complex terminology where it’s not needed. We don’t encourage people to think enough,” said Steve Purser, head of technical competence at the European Network and Information Security Agency, speaking to Reuters.
People shouldn’t be made to feel baffled by IT security. Part of the job of vendors like Symantec, and other industry professionals, is to demystify it. Cybercriminals are evolving different tactics and increasingly new threats don’t always have a textbook answer. That’s why it’s incredibly important for people to have accessible sources of information in simple, easy-to-understand language. It’s particularly critical for smaller businesses who often don’t have a dedicated IT person to turn to. Do you feel that as an industry we need to be better at getting past the jargon?
Getting your money on the move
A report from ABI Research has forecast that about 244 million people worldwide will be using their mobile devices to carry out financial transactions with their banks. Indeed, Asia (with India taking a strong lead) is already pushing this technology forward.
Needless to say, while the move towards mobile banking is a positive one, and almost certainly something that we’ll all get a chance to participate in over the coming years, it also opens the door for more security concerns. Back in September, Symantec’s Ray Greenan and Matts Aronsson spoke to TMCnet about just that.
What is clear is that as more and more valuable information is stored on mobiles, the more of an opportunity they present to cybercriminals. Data such as bank account numbers, credit card details, passwords and telephone numbers can all be sold on the underground economy.
For the banks who are rolling this out, it’ll be important that, as part of their due diligence, they ensure they put adequate security measures in place and, vitally, educate end users on how to be safe.
Where broadband grows – cybercrime surely follows
I read with interest that VNU is reporting that Global IP traffic is to swell fivefold by 2013. That’s an amazing number driven by the spread of high-speed broadband, ubiquitous internet access and the increasing use of high-definition video as we continue to find new ways to use the Internet.
However, history shows that as broadband rolls out, cybercrime and online criminality follows.
It seems that each year we bring out the Symantec Internet Security Threat Report, one country, usually an emerging one, leaps out of the country charts. Nine times out of ten that country has recently seen a new expansion of broadband usage. Indeed, in the recent ISTR XIV, Brazil, Turkey, and Poland were notably high in the ‘Top 10’ countries for malicious activity, largely due to emerging internet and broadband infrastructure in those countries.
The professional cybercriminal underworld operates a flexible business model which looks for opportunities to exploit new regions of the world to spread their activities. It is this flexibility which allows them to move their focus of activities to emerging markets where broadband pickup is expanding and maybe where market education and security can sometimes be lagging behind. Our report into the Underground Economy looks into this trend as well.
So if this news report is correct, it can be expected that cybercriminals will continue to spread their activities far and wide. And more importantly, we, as users of the web, have to do a good job of protecting and educating ourselves against this menace.
Dominic Cook
And Your Password Is… Password
A report into the Top 10 passwords for 2008 puts ‘Password’ at the top of the list. It’s been in the top 5 for years – why? You would have thought people would realise that if it (whatever it is) is worth protecting with a password, then it is of value to someone else.
‘But… it’s only my blog’ or ‘It’s just my social networking account’ or … there is an endless supply of excuses as to why people choose weak passwords – listen up, if it has a value to you, it has a value to someone else. So, now let’s play a game of ‘What If’… and this is what you need to do when setting a password (partner’s name, child’s name, pet’s name – they are all in the popular list – and easily guessable – by machine, don’t think that someone is typing them in, oh no, it’s all done by machine)… so what if someone gets onto your site and defaces it, perhaps posts objectionable content or pictures, perhaps emails all your friends and tells them that you hate them… it’s coming from your account, they will be impersonating you, how do they know it’s not you? How long will it take to repair the damage caused? Hopefully the picture is clearer now… so when you choose a password make it a strong one – put in a number or two, perhaps some punctuation and have it at least 8 characters long. That way someone won’t come along and hijack your account and maybe your reputation as well.
(Just so you know… the same goes for work passwords as well – many companies have policies and protection in place for work based passwords… and for good reason. Imagine if someone could impersonate you and therefore your company…)






