Get ready, IT managers: the spammers are coming for you.
It’s been a “rough year for computing,” according to one Cisco Systems Inc. executive, and it could get a lot worse before it gets better. Cisco released on Monday the results its Annual Security Report, which covers the spam and security attack trends of 2008, and what IT managers should be on the lookout for in the year ahead.
“The overall number of disclosed vulnerabilities grew by 11.5 per cent over 2007,” according to the report. Virtualization vulnerabilities almost tripled from 35 to 103 over the year.
Legitimate domains are rapidly becoming one of the worst threats. According to the report, “Cisco researchers saw a 90 per cent growth in threats originating from legitimate domains, nearly double what was seen in 2007.”
Canada is no slouch when it comes to spam, either—the report found that our country accounts for 4.7 per cent of the world’s spam. Reputation hijacking is also becoming more common; this is where cybercriminals hack into someone’s account and use it to spam others.
When it comes to spam trends, botnets continue to be one of the primary menaces. For 2009, it’s all about the more tailored approach: targeted phishing (“spear-phishing”), such as the timely Obama-based lures, and social engineering (which aims to personally entice victims into opening malicious links).
There is a little more awareness about these issues as companies have had to admit their data misdeeds. “While it’s the researchers who usually find these things, the vendors have been disclosing with them more,” said David Goddard, Cisco’s vice-president of security assurance.
Come 2009, the main challenges faced by IT managers will be insider attacks, and protecting mobile devices and teleworkers.
Insider threats could pose an immediate problem if the economy continues to tank, according to Patrick Peterson, Cisco fellow and chief security researcher. “This will be an extremely challenging problem, as the financial crisis means a lot less happy employees, and the chances of an insider attack increase,” he said.
Another strategy is to limit access to sensitive data to a need-to-know basis. Said Candice Low, a research analyst with the Info-tech Research Group: “Apply the principle of least privileges.”
Keeping the network safe from clueless teleworkers is also important for the year ahead, said Low. In addition to encrypted VPNs, IT managers must keep an ever-watchful eye on remote workstations. She said, “You need to control everything remotely. Make sure the antivirus is set and that patches are deployed, and that they’re not just logging in from an unprotected home computer.”
IT managers should take the lead on user education, said Goddard. “They have to buy in to policies that have been articulated to them. It’s the evolving role of IT that has to always take into account human behaviour.”
Either way, they need to take a more wide-ranging, holistic approach, said Tom Gillis, vice-president of Cisco’s security product marketing. “Security matters more than ever. Now it can come through a distributed system, a software-as-a-service system, or mobile system. It’s been a rough year for computing.”
