Category: Statistics

IBM’s monthly security report said that phishing jumped 226 percent in May over the previous month to record an all-time high that beat out the earlier record in January of this year.

The surge continued into and through June, said Redwood City, Calif.-based Postini in its own malicious code accounting, with phishing attacks climbing 71 percent over May’s numbers.

“Phishing attempts will continue to plague enterprise users for the foreseeable future,” opined Andrew Lochart, senior director of marketing at Postini, in a statement.

News of most other malware categories was almost as dismal. IBM, for instance, tallied a 33 increase during May in the number of e-mails carrying viruses or worms.

Spam remained flat at around 69 percent of all e-mail for May, said IBM, the third month in a row of little or no growth in junk mail.

http://www.techweb.com/wire/security/164904277

Nearly 100 percent of CSOs say they are well prepared to handle spam, malware, denial-of-service attacks, and hacker attacks, according to a survey by CSO Interchange at a conference held last week in Chicago for chief security officers.

The same survey also shows that 88 percent say their organizations are least prepared to handle inadvertent loss of data, social engineering and inappropriate use.

On top of that, another 75 percent report that their jobs have become more difficult or substantially more difficult than they were last year.

”The role of the CSO continues to become more complex,” says Philippe Courtot, co-founder of CSO Interchange and CEO of Qualys. ”CSOs now have responsibility for internal and external threats, compliance with regulatory mandates, and attention to bottom line business performance:.

The survey also shows:
– Sixty-four percent of CSOs surveyed are more concerned about compliance this year than they were last year, and 38 percent report their budget for compliance solutions grew during the past year;
– Seventy-four percent say their organization must comply with more than five laws and regulations;
– Sixty-eight percent say their security budget is less than 10 percent of their total IT budget; -Eighty-three percent outsource less than 10 percent of their security, and 40 percent do not outsource security processes at all, and
– Seventy percent say they do not receive sufficient early warning for cyberattacks.

http://itmanagement.earthweb.com/secu/article.php/3516156

Key findings include: 75 percent of small and medium businesses were hit by at least one virus, with some affected over 100 times, 40 percent of respondents have been hit by hackers at least once, with some targeted more than 200 times, 29 percent don’t use anti-spam software, 34 percent don’t use spyware software, 4 percent don’t use anti-virus software and 9 percent don’t have Internet firewalls.

With these statistics demonstrating how computer security and spam issues reduce employee performance, I’m amazed that we don’t see 100 percent of small and medium businesses taking advantage of the protective technology available,” said Paul Cousino, director of Research Services at Maritz’ Information Technology Group.

http://www.ebcvg.com/articles.php?id=777

The report, sponsored by software company PixAlert and conducted by research firm Delta Consulting, also found that when businesses pursued an investigation, 44 percent of cases resulted in a dismissal from the company.

The study is the latest to indicate that companies are keeping close track of employees in the work place. A report released earlier this month found that 63 percent of corporations with 1,000 or more workers either employ or plan to employ staff to read or otherwise analyze outbound e-mail.

And according to a study earlier this year, the number of companies that monitor the amount of time employees spend on the phone and track the numbers called has jumped to 51 percent, up from 9 percent in 2001.

Though liability and regulatory issues may be convincing companies to peek in on their employees, such surveillance raises privacy concerns. Employers can monitor workers to a greater degree these days, thanks to newer technologies such as keystroke-logging software and satellite global positioning systems that can track a cell phone user’s whereabouts.

http://news.zdnet.com/Bosses+on+the+prowl+for+risque+pics/2100-9595_22-5752067.html?part=rss&tag=feed&subj=zdnn

Administrators and managers may not want to hear it, but Windows 2000 is reaching the end of its supported life.

According to a report from AssetMetrix, Windows 2000 does still feature greatly in many enterprises. Windows 2000 dropped only four percentage points, from 52 to 48 percent, in its popularity in corporate IT environments.

Bigger companies seem more prone to keeping Windows 2000. In the study, AssetMetrix found that businesses with fewer than 250 employees were more likely to be running Windows XP already.

http://www.webpronews.com/news/ebusinessnews/wpn-45-20050615Windows2000StillRunningOnHalfOfCorporatePCs.html

The Computing Technology Industry Association, or CompTIA, released its third annual report on IT security and the work force.

The survey of nearly 500 organizations, found that 56.6 percent had been the victim of a browser-based attack, up from 36.8 percent a year ago and a quarter two years ago, CompTIA said.

Browser-based attacks often take advantage of security flaws in Web browsers and other components of the user’s PC such as the operating system. The attackers’ objective can be to sabotage a computer or steal private data, and the attacks can be launched when a person visits a Web page that appears harmless but contains malicious code. One of the ways to lure victims to a bad Web site is through spam e-mail that include a hyperlink.

Phishing, a form of attack that typically includes e-mail and fraudulent Web sites resembling legitimate ones, is on the rise, CompTIA said. Phishing is usually an attempt to steal sensitive information such as usernames, passwords and credit card numbers. A year ago, 18 percent of organizations said they had become victims of phishing. This year the figure has grown to 25 percent, CompTIA said.

Still, viruses and worms continue to be the No. 1 IT security threat, though the number of these attacks has dipped slightly. Two-thirds of organizations reported they had experienced such attacks in the past year, down slightly from 68.6 percent a year ago.

New pests are also affecting users, CompTIA said. Pharming and threats to mobile devices are causing headaches, the organization said. In pharming attacks, people are redirected to a malicious Web site after an attacker hijacks a domain-name system server–a computer that maps text-based Web site names to actual IP addresses.

CompTIA commissioned TNS Prognostics to conduct the study, which included interviews with 489 professionals from government, IT, financial, education and other sectors.

http://news.com.com/Browser-based+attacks+increase+as+viruses+decrease/2100-7349_3-5747050.html