Advertisement
Promo

Security threats Toolkit

Viruses cause most security breaches

Tom Espiner ZDNet.co.uk

Published: 28 Feb 2006 17:55 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Viruses remain the biggest cyberthreat to businesses, according to a government report to be released soon which will also warn that the threat of spyware is growing, .

The Department of Trade and Industry (DTI) report into information security breaches found that approximately half of businesses said their worst security incidents over the past two years has been caused by virus infections, rather than other threats such as hacking or phishing.

The survey, which will be launched at Infosecurity Europe 2006 in London in April, showed that virus infections were also more likely to have caused serious service interruption than other incidents.

"Usually the disruption was minor, but roughly a quarter of companies questioned who reported a virus as their worst incident had major disruption, with important services such as email down for more than a day," the authors of the survey said in a statement.

The report found that the threat from spyware is also increasing. A quarter of UK businesses are not protected against the threat caused by spyware, said the report, while spyware caused one in seven of the security incidents reported.

"Of external threats, malicious software was the most significant, while the threat from spyware grew the most. Spyware was the hardest threat to detect, and the one UK businesses were least prepared for," Chris Potter, co-author of the report and partner at PricewaterhouseCoopers, told ZDNet UK.

Companies are relying too much on antivirus software, according to the report.

"It's clear that the old model of 'all I need is antivirus software on my email gateway' just doesn't cut it any more," said Potter. "Ninety-five to ninety-eight percent of businesses have antivirus software deployed, yet thirty-five percent have had virus infections in the past year."

Spyware was increasingly being used by organised criminals because it is more difficult to detect and easier to profit from, said Potter.

"Old style attacks just caused indiscriminate damage, like a plane dropping bombs. Now it tends to be a mass of guerrillas attacking organisations to take confidential information, which is much more subtle and insidious," said Potter.

Most malicious attacks involved the exploitation of weak patches, according to Potter, and most were targeted against machines running Microsoft software.

"It's clear that there are a huge number of Microsoft computers, and it's likely they are targeted more by virus writers because that will result in more infections," said Potter. "However Microsoft, through XP Service Pack 2, has made the patching process much easier. Most companies are now deploying patches within a week."

Companies could not just rely on antivirus software to prevent the threat of malware, said Potter, but needed to deploy a range of in-depth protection.

"Each discipline — updating antivirus software, installing patches, installing intrusion-prevention or intrusion-detection systems — each contributed to the likelihood of reducing infections, but none of them alone eliminated the risk. The implication is to have multi-level protection. If businesses have all three elements with a patch auditing process, that will stand you in good stead," said Potter.

The report also found that businesses need to educate their staff about computer infections and their symptoms.

"It's absolutely critical that people make sure they have antivirus software, but stuff is always going to slip through. Businesses need to educate their staff about malware, so people stay alert for the symptoms of infection like a slow machine," said Potter.

Potter said that Internet telephony and instant messaging (IM) are emerging as potential means of attack, although most threats still came through Web downloads, and worms and other Trojans spreading across networks by email.

"VoIP and IM certainly are new attack vectors. Virus writers expend most effort on established technology, but IM is a potential threat. Roughly 42 percent of UK businesses allow their employees to use IM through AOL, MSN, or Yahoo, while more than half of those have no controls over its use. This potentially opens companies to exploits further down the road, although we've seen none yet," said Potter.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
80 out of 179 people found this useful


In association with Network Liberation Movement

Talkback

Post a comment


Full Talkback thread

1 comment

  1. Windows virus you mean. Olavi Petri

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:









Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment

Campaigners criticise '£10bn NHS IT ov...

The National Health Service's flagship IT project has been criticised by a tax campaign group for running billions of pounds over budget. The NHS National Programme for IT (NPfIT)... More

2 comments

Climate research centre compromised

One of the UK's leading climate change research centres has had a security breach. The Climate Research Unit at the University of East Anglia (UEA) suffered a compromise of information,... More

1 comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters