Data loss max due to lost, stolen PCs

Started by Kalyan, Apr 11, 2009, 08:17 PM

Kalyan

Data loss max due to lost, stolen PCs

If you thought hacking is the most rampant malice in the world wide web, you have another thought coming. The top-most reason for data breaches remains lost and stolen computer equipment, according to the sixth volume of the Microsoft Security Intelligence Report, released on Wednesday.

There has been a significant increase in rogue security software, and threats predominantly target common third-party desktop applications, the report points out.

Released twice a year, the Microsoft Security Intelligence Report uses data gathered from hundreds of millions of computers worldwide to provide an in-depth snapshot of the threat landscape.

With this volume, which covers the second half of 2008, Microsoft provides more information and insight about threats than ever before by offering new data on document file format attacks, the differences in malware affecting home and business computers, and phishing. Read on.....

source: economic times

Kalyan

Stolen computers biggest threat

Lost and stolen equipment, not computer hacking, continues to be the most common cause of security breaches resulting in data loss publicly reported in the second half of 2008 -- totaling 50 per cent of reported incidents.

To mitigate this threat, organizations must implement strong data governance practices to help protect data from criminal access.

source: economic times

Kalyan

Rogue security software

Also known as "scareware," it takes advantage of users' desire to keep their computers protected. The rogue software lures them into paying for protection that, unknown to them, is actually malware offering little or no real protection, and is often designed to steal personal information. The Microsoft Security Intelligence Report shows that such programs are now among the top threats around the world.

For example, two rogue families, Win32/FakeXPA and Win32/FakeSecSen, were detected on more than 1.5 million computers by Microsoft software, catapulting them into the top 10 threats in the second half of the year. In addition, Win32/Renos, a threat that is used to deliver rogue security software, was detected on 4.4 million unique computers, an increase of 66.6 percent over the first half of 2008.

Rogue security software and other social engineering attacks such as these compromise people's privacy and are costly; some take personal information and drain bank accounts, while others infect computers and rob businesses of productivity.

source : economic times

Kalyan

Attackers have shifted to application layer

The Security Intelligence Report also showed that as software companies have improved the security of their operating systems, attackers have shifted their focus to the application layer, where the majority of vulnerabilities are now being reported; nearly 90 percent of vulnerabilities disclosed in the second half of 2008 affected applications.

The report also showed that Microsoft continues to make significant progress in secure software development and that newer versions of Microsoft software are more secure than previous versions.

source : economic times

Kalyan

Vulnerabilities

A home user is likely to get hit with a trojan attack. In the enterprise, the weapon of choice is the worm attack. The biggest difference between enterprise and home vulnerabilities is social engineering. Microsoft explains: The Windows Live OneCare list also includes several families associated with rogue security software, such as Win32/Renos, Win32/FakeXPA, and Win32/Antivirus2008.

The social engineering messages used in connection with rogue security software may be less effective in an enterprise environment, where malware protection is typically the responsibility of the IT department... By contrast, the Forefront Client Security list is dominated by worms, like Win32/Autorun, Win32/Hamweq, and Win32/Taterf.

Worms rely less on social engineering to spread than categories like trojans and downloaders do, and more on access to unsecured file shares and removable storage volumes, both of which are often plentiful in enterprise environments.

source : economic times

Kalyan

Social networking sites are phishing target

Social networking sites will remain a big phishing target. Social networking phishing attacks represented less than 1 percent of attacks, but yielded a big chunk of phishing impressions.

A typical social network phish is likely to trick an order of magnitude more users than a typical financial phish. There are a number of explanations for this discrepancy. While financial institutions targeted by phishers can number in the hundreds, just a handful of popular sites account for the bulk of the social network usage on the Internet, so phishers can effectively target many more people per site.

In addition, phishers often use the messaging features of the sites themselves to distribute their attacks, typically by gaining control of a user's account and using it to send phishing messages to the victim's friends. These attacks can be much more effective than e-mail–based attacks, because they exploit the considerable level of trust users place in their friends.


source : economic times

Kalyan

Removal of unwanted software

Users don't always remove unwanted software. Microsoft's scans allow users to ignore a security alert, allow software to remain, issue a prompt, quarantine or remove it. If software is really malicious it is removed without user input. The gray areas appear when users have a choice.

"These decisions are influenced by a number of factors, such as the user's level of expertise, how certain they feel about their judgment regarding the software in question, the context in which the software was obtained, societal considerations, and the benefit (if any) being delivered by the software or by other software that is bundled with it. Users make choices about what to do about a piece of potentially unwanted software for different reasons, so it's important not to draw unwarranted conclusions about their intent," according to Microsoft.

source : economic times

Kalyan

Malware

Malware is dominant in the U.S. and accounted for 67 percent of all infected computers. Trojans, the miscellaneous variety, were detected on 29.4 percent of infected computers.

Among other items: Five of the top 20 families detected in the United States in 2H08 (Win32/Renos, Win32/FakeXPA, Win32/FakeSecSen, Win32/Antivirus2008, and Win32/Winfixer) download rogue security software or display misleading warning messages to convince users to purchase a program that supposedly removes spyware.

source : economic times