Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Five big security threats for 2011

Ian Paul | March 10, 2011
Online malicious activity was a major headache in 2010, and so far, 2011 is no different: We've seen scams and malware on Twitter, Facebook, and the Android Market, as well as a rise in politically motivated online attacks. But that's no surprise to security experts such as Graham Cluley, senior technology consultant for security firm Sophos. Cluley says that Sophos analyzes about 95,000 pieces of malware every day that is either brand-new or a variant of an older attack.

Protect yourself: First and foremost, make sure you are running a security program that's current--especially one that effectively blocks brand-new malware (see our reviews of the latest security suites and antivirus programs for which to buy). And never download a security program from a pop-up window you see online or from a third-party site.

Threat 4: PDFs

It may be the oldest online scam in the book, but e-mail loaded with malware attachments is still a big problem despite a high degree of awareness and robust antivirus scanning in Webmail clients such as Gmail and Yahoo (YHOO) Mail. Cluley puts the number of malware-related e-mails sent every day in the "millions," and says that "more and more spam is less about touting Viagra or fake degrees, but [is] turning malicious in nature."

PDF documents appear to be a prime method for these attacks, according to a recent report by MessageLabs, a division of Symantec (SYMC). "PDFs are potentially one of the most dangerous file formats available and should be treated with caution...Because it is significantly easier to generate legitimate and concealed malicious content with PDFs," MessageLabs said in its February 2011 Intelligence Report (a PDF link--oh, the irony).

In 2010, 65 percent of targeted e-mail attacks used PDFs containing malware, up from 52.6 percent in 2009, according to MessageLabs, which further predicts that by mid-2011, 76 percent of targeted malware attacks could be using PDFs as their primary method of intrusion.

It's not just businesses that are targets of e-mail scams either. Sophos recently discovered an e-mail scam in the U.K. purporting to offer an $80 gift certificate to customers of a popular pet supply retailer.

Protect yourself: Make sure you are running an antivirus program and that it's up-to-date. Also, never open an e-mail attachment that you weren't expecting.

Last but not least, make sure that you keep Adobe (ADBE) Reader (or the PDF reader of your choice) up-to-date; Adobe regularly releases security updates that fix known flaws. The new Adobe Reader X has an updated security architecture that can better protect you against malicious PDF attacks.

Threat 5: War Games

State-sponsored malware attacks, industrial espionage, and hacktivism are on the rise, according to Perimeter E-Security's Jaquith. They may not be threats that affect everyone, but if you manage security for a business, they are the sorts of issues you should be paying attention to.


Previous Page  1  2  3  4  5  Next Page 

Sign up for CIO Asia eNewsletters.