Final countdown - top 10 security threats for 2008
Botnets, spam, malware, phishing - the list of security threats continues to get longer and more alarming. ARN spoke to a range of security experts and came up with the 10 biggest security threats looming in 2008. We also asked vendors and analysts for advice on how the channel can help their customers deal with these issues.
Sophos channel manager Zoe Nicholson said mail security is considered to be well in hand because defeating corporate mail security is getting harder. However, Cisco security lead Colin Bradley said spam volumes were still surging, going up massively even as recently as January, according to research from the vendor's IronPort subsidiary.
Meanwhile, Australian law may soon follow the US and force organisations to declare information leaks, regardless of whether they are exploited.
"There is a real need for companies to take, and to be seen to take, precautions," Nicholson said. "Web infections advertise that a customer's brand isn't properly secured."
Spam victims should evaluate new products and services. Image, PDF spam and MP3 spam are all conquerable. Email is a leading route to data leakage, yet few companies filter outbound email with the zeal they show guarding their inbox. "That should be 2008's security 'to-do'," Nicholson said.
Bradley said IronPort Internet and network gateway appliances combated spam via the context adaptive scanning engine (CASE) and reputation filtering. He claimed this stops up to 80 per cent of spam at the connection level. IronPort appliances also offer rate limiting capability - meaning that potential spam from suspect addresses can be slowed down. A 24/7 threat response centre is also a boon to users and managed security service providers aiming to respond quickly to attacks.
Software solutions include McAfee's Host Intrusion Protection for Desktops.
09 UNEXPECTED ATTACKS
The widespread belief that Linux and Apple platforms are more secure and low-risk than their Microsoft counterpart is already being called into question. Sophos Asia-Pacific head of technology Paul Ducklin claimed Linux servers could act like an army of 'Typhoid Marys'. While remaining unaffected themselves, they host about half the 6000 newly-infected Web pages Sophos discovers each day.
"Today's Web security problems are greatly magnified by Linux servers," Ducklin said. "It's a great opportunity for selling security software to people who have for years assumed they didn't need it."
According to Sophos' 2008 security threat report, organised criminal gangs seeking pecuniary reward began targeting Macs for the first time last year. Mac malware has been seen before but November 2007 saw various malicious OSX/RSPlug trojans planted on websites to infect passing Apple machines for the purposes of phishing and identity theft.
Websense chief technology officer Dr Richard Cullen said cross-platform attacks are tipped to target "the Macs and iPhones of the world" and pollution of Web 2.0 applications, blogs and blog comment is already happening.
Linux and Mac users need to be aware that their machines do represent a business security hole - especially, as with Linux servers, they are part of a company network - and need to patch those holes, beginning with basic Internet security fixes such as antivirus. Resellers can also play a role in the customer education process.
08 MOVING TARGETS
The very mobility of modern IT makes it easy for the less ethical to steal business information. Portable mobile devices fill a business need because they offer anytime access to corporate information almost anywhere - and therein lies the problem. According to Gartner, handhelds are becoming popular as online banking and enterprise remote access devices. Enterprise users inside the firewall are increasingly adopting smartcards and USB tokens for authentication on the go but user mobile devices are more convenient.
Check Point country manager Scott McKinnel said its Pointsec Mobile solution offers USB or external drive encryption and secures data stored on mobile devices such as PDAs or phones. WatchGuard regional director Scott Robertson said the vendor is introducing SSL into its Edge 10.0 range, which will be available as a subscription. "Certainly as we see remote workers increasing on the network, having secure remote access is an important part of looking after that network," he said.
Trend Micro premium services manager Adam Biviano and enterprise sales director Michael May said it also offered a Mobile Security Suite for spam and data encryption on the handset. . .