3 Oct 2009

Computer hacks jump in 2009 study


You might have seen this week's news that were talking about the evolving threat in Canada…
Computer hacks jump in '09: study
CBC News

Canadian companies faced more computer attacks in the past 12 months, which cost companies almost twice as much to fight, according to a study released Tuesday. A survey of 600 information technology professionals compiled by Telus Corp. and the Rotman School of Management at the University of Toronto showed that…
REF: http://www.cbc.ca/technology/story/2009/09/29/telus-it-breach-2008.html



Les brèches de sécurité en TI coûtent cher aux entreprises
Magazine Les Affaires
Les brèches de sécurité dans le secteur des technologies de l’information coûteront en moyenne 834 000 dollars à chaque organisation canadienne en 2009, soit environ deux fois plus qu’en 2008


How to protect ourselves
The best way is to be ahead of the threat, as the IBM ISS R&D group called X-Force says so well. This is a differentiating factor for IBM to have X-Force and the ISS solutions that "box" them. This group regularily publishes vulnerability and threat reports that provide a good summary of they do on a day-to-day basis : http://www-935.ibm.com/services/us/iss/xforce/trendreports/ :

Latest Trend and Risk Report

In addition to standard vulnerability, malware, spam, phishing, and web threat statistics, the IBM X-Force 2009 Mid-year Trend and Risk Report features the following special topics:
  • Document vulnerabilities. In the first half of the year alone, the total number of vulnerabilities disclosed in some of the document types we traditionally consider "secure" has already exceeded the total number of disclosed vulnerabilities found in them in all of 2008.
  • Most disclosed vulnerabilities. Microsoft is no longer number one in the "most disclosed vulnerabilities" category.
  • Better Browsers. More secure (if you update) but still the main exploitation target.
  • Bad Web Links. More prolific for spam, phishing, and the delivery of malicious code.
  • Conficker and Lessons Learned. Conficker had baffled security researchers, caused panic among computer users, and had shown us a glimpse of the mindset and the sophistication of cybercriminals.

Latest Threat Insight Report

This edition of the X-Force Threat Insight Report provides an exhaustive list of security alerts, breaches and the most commonly seen threats in Q2 2009. It also delivers two new and insightful articles by IBM ISS researchers. The first article assesses one of the more serious threats of 2009, Conficker. The Conficker worm family has evolved into a massive sophisticated malicious botnet arsenal and infrastructure of millions of compromised hosts. The second article discusses Internet fraud schemes, specifically, Advance Fee schemes and Romance scams.

No comments:

Post a Comment