In a recent speech at a security conference, Ken Dunham, a senior expert from iDefense, stated that threats from spyware and adware have surged significantly in a short period, causing substantial damage to enterprise networks.
 |
| Source: Radified |
Statistics from Websense indicate that nearly 20% of organizations have used hacker tools or keylogging programs in the past 12 months, nearly double the 12% reported a year earlier. “Although most employees are equipped with some awareness of web threats (like email attacks and keyloggers), many remain unaware that they can be victims of other sophisticated scams, such as hackers impersonating bank or phone company representatives to solicit sensitive information,” remarked Dan Hubbard, director of the information security and technology research center at Websense.
According to Dan Hubbard, organizations need to take the lead in web information security, including technological aspects, to prevent access to dangerous websites and applications, as well as to enhance internet safety education programs for their employees.
The Rise of Spyware
Keylogging software is a very dangerous form of spyware. It has the ability to record keyboard and screen usage, allowing hackers to access user sessions. Typically, hackers focus on sensitive information (like passwords, personal information, credit card numbers, etc.) to gain unauthorized access to organizational systems and misuse network resources.
According to assessments by information security experts, spyware has remained a hot issue for businesses over the past year – 92% of organizations reported being attacked and infiltrated by spyware (compared to 93% in 2005, according to Websense).
“We have no doubt about the rise of spyware and adware in recent years. Previously, we were aware of various types of attacks. Then they started to become automated and have significantly increased in scale and scope,” commented Ken Dunham.
Dunham believes that the line between illegal and paid installation is very “thin” because it is challenging to prove that spyware was installed illegally. Adware is legitimate software that is exploited for profit. “These are highly skilled hackers, as they can learn how to attack and install code without fear of accountability. Even when caught, it is difficult to prove they carried out all those illegal installations based on different computers. Hackers are making a fortune from legal loopholes.”
Rapid Growth of Bots
Bots are software that can be inadvertently installed on personal computers, communicating through a command window and a control center. The command window and control center are illegal, controlling many personal computers from one place and can be used for distributed denial of service (DDoS) attacks, serving as bait, and hosting malicious content.
Bots (networks of computers controlled by hackers) are increasing rapidly, bringing significant harm to enterprise networks, such as DoS (denial of service) attacks, DDoS (distributed denial of service) attacks, causing disruptions and losses to business operations.
Meanwhile, a report from Wensense revealed that only 34% of IT professionals felt confident enough to prevent bot activity; 19% reported that their owned computers or laptops were infected with bot networks; 62% indicated that their corporate networks lacked bot filtering…
KhanhDN
