Cyber attacks worry firms more than terrorism

When it comes to threats, natural or man-made, Indian companies have rated cyber security as a major concern. In the light of increased cyber attacks, over 42 per cent of enterprises perceive cyber crime as a bigger threat than terrorism, crime and natural disasters.

This was one of the findings of ‘2010 State of Enterprise Security Study,’ a global study carried out by Symantec Software Solutions Pvt. Ltd., where Indian companies from sectors such as telecom, hospitality, manufacturing, retail and technology participated.

“Indian enterprises are experiencing frequent cyber attacks and the losses incurred due to them are escalating. In the past 12 months, 66 per cent of the companies experienced cyber intrusions and 51 per cent of them reported repeated attacks, while 34 per cent have experienced high number of malicious hits. On the other hand, 31 per cent said there were internal attacks as well,” said Vishal Dhupar, managing director, Symantec Software Solutions Pvt. Ltd., at a press conference here on Tuesday.

Also, each cyber attack had a financial impact, as organisations reported loss of revenue. “Apart from financial loss, companies will have to put up with damaged brand reputation, loss of customer trust. The average revenue lost by companies due to the virtual attacks was recorded at Rs. 58.59 lakh in 2009.” Interestingly, with IT security becoming a daunting issue for enterprises, the study pointed out that implementation of enterprise security is turning into a difficult task.

“Enterprise security is understaffed and the most affected areas in organisations are network security, web security and data-loss prevention. To tackle the issue, companies need to secure their messaging and web environments and defending critical internal servers. They should also have the ability to back up and recover data and respond to threats rapidly.”

To overcome such threats, companies should develop and enforce IT policies to secure data breach in anyway possible. “By prioritising risks and defining policies, companies will not only be able to identify threats but also come up with remedies. Also, they should know the location of sensitive information and how it’s coming or leaving the organisation. Companies should be able to monitor and report their systems status and be ready for any kind of threat.”

Over 40 million use fake anti-virus software: experts

 

SYMANTEC

Have you installed any downloaded anti-virus software on your computer? Check it out, it could be a fake one as cyber security experts have warned that over 40 million users worldwide have been tricked to buy such malicious software.

According to security experts at Symantec, web users generally get lured by cyber criminals to download and install fake anti-virus software on to their machines, believing they’re protecting their PCs from hackers.

But actually, the criminals, who earn more than 750,000 pounds a year from the business, provide themselves a “back door” access into the machines via the software, The Telegraph reported.

Once the malicious software was installed, it forces users to unwittingly share their credit card and other financial details with fraudsters, said experts at the California-based software firm.

They have identified more than 250 versions of this software, called as ‘scareware’, and estimate that around 40 million people worldwide have fallen victim to these scams last year.

To intimidate and trick web users into buying such software, Symantec said, the vendors go to great lengths.

They use pop-up adverts, which look similar as the alert messages from known and reputed anti-virus companies, to lull the users into a false sense of security.

.Digital ants to fight computer viruses

Washington: In the never-ending battle to protect computer networks from intruders, security experts are deploying a new defence, modelled on one of nature’s hardiest creatures – the ant.

 

Unlike traditional security devices, which are static, these “digital ants” wander through computer networks looking for threats, such as “computer worms” – self-replicating programmes designed to steal information or facilitate unauthorised use of machines.

 

When a digital ant detects a threat, it doesn’t take long for an army of ants to converge at that location, drawing the attention of human operators who step in to investigate.

 

The concept, called “swarm intelligence”, promises to transform cyber security because it adapts readily to changing threats.

 

“In nature, we know that ants defend against threats very successfully,” explains Errin Fulp, computer science professor and expert in security and computer networks, at the Wake Forest University (WFU).

 

“They can ramp up their defence rapidly, and then resume routine behaviour quickly after an intruder has been stopped. We were trying to achieve that same framework in a computer system,” he says.

 

Current security devices are designed to defend against all known threats at all times, but the bad guys who write malware – software created for malicious purposes – keep introducing slight variations to evade computer defences.

 

As new variations are discovered and updates issued, security programmes gobble more resources, antivirus scans take longer and machines run slower – a familiar problem for most computer users.

 

Glenn Fink, research scientist at Pacific Northwest National Laboratory (PNNL) in Richland, Washington, came up with the idea of copying ant behaviour. PNNL, one of 10 Department of Energy (DoE) labs, conducts cutting-edge research in cyber security.

 

Fink was familiar with Fulp’s expertise developing faster scans using parallel processing – dividing computer data into batches like lines of shoppers going through grocery store checkouts, where each lane is focussed on certain threats.

 

He invited Fulp and Wake Forest graduate students Wes Featherstun and Brian Williams to join a project there this summer that tested digital ants on a network of 64 computers.

 

Swarm intelligence, the approach developed by PNNL and Wake Forest, divides up the process of searching for specific threats, says a WFU release.

 

“Our idea is to deploy 3,000 different types of digital ants, each looking for evidence of a threat,” Fulp says.

 

Fulp introduced a worm into the network, and the digital ants successfully found it. PNNL has extended the project this semester, and Featherstun and Williams plan to incorporate the research into their master’s theses.