IT security resellers faced new kinds of threats in 2008

By Barbara Darrow, Senior News Editor 16 Dec 2008 | SearchITChannel.com

Channel News Update Digg This!     StumbleUpon     Del.icio.us

As the New Year approaches, IT security vendors are inundating the world with their year-end threat assessments and projections for 2009.

McAfee Inc. found that the flagging economy did not hinder cyber crooks last year and, in fact, it may have been a boon. The security vendor's Virtual Criminality Report noted a discernible rise in attacks from false recruiting letters and other email designed to intrigue people whose jobs might be in jeopardy. And in this climate, that's just about everyone.

McAfee also saw an increase in spear phishing -- targeted attacks in which hackers research their recipients and devise legitimate-looking email messages.

More resources for IT security resellers Lisa Loe out at McAfee Information security resources for channel partners   Computer viruses, worms and malware news

"A good example is the LinkedIn attack this year, where about 10,000 users were specifically spammed and phished -- using first and last names and with resume information that looked like a LinkedIn update," said David Marcus, McAfee's director of security research and communications.

IT security resellers guard against attacks

In fact, more cybercriminals are using LinkedIn, Facebook, MySpace and other social networks to glean information about potential victims and generate targeted email that appears to come from friends or colleagues.

"In an economic downturn, this will be a big problem going forward," Marcus said. "People may click on something they wouldn't have clicked on if the climate was different."

There was also a rise in the number of fake job sites in the first half of 2008. In the United Kingdom, McAfee found 873, which was up 345% from the previous year. The fact that many companies are laying off employees sparked more fear of data loss, whether in the form of electronic theft or the low-tech theft that occurs when severed workers leave the building with data-crammed USB sticks.

"The top concern of my customers is people walking out with data," said Michelle Drolet, CEO of Towerwall Inc., a Framingham, Mass.-based Internet and information security solution provider. "Most of the threats now are through HTTP, much more malware than viruses."

Duncan Hume, director of Bell Micro's new North American security division, said data loss prevention (DLP) is the top concern he hears from customers and VARs alike. Companies always worry about data leaving the premises, but "when times get tough economically, defenses drop and phishing attempts [that] they ordinarily wouldn't give the time of day to become more tempting," Hume said.

Jonathan Dambrot, managing director of Prevalent Networks, a Warren, N.J.-based security specialist, said these DLP concerns escalate to the CEO level a lot faster than they used to.

"In some cases they're not sure how it's leaving the company, but they know it's out there getting posted," he said.

The bad guys are just getting smarter about presenting themselves as correspondents the recipient might know or want to hear from. Cisco's Annual Security Report, released Monday, cited 90% growth in threats originating from legitimate domains this year -- nearly double the 2007 figure. And in its Security Threat Report 2009, Sophos found that the United States was the country of origin for most Internet-based malware attacks in 2008.

Many IT security resellers and vendors said, almost nostalgically, that the days of the script kiddies are gone. Now, the vast majority of threats originate with organized criminals who are in it to make money, not prove their hacking prowess.

"It's no longer kids in their bedrooms writing viruses for grins and giggles," Hume said.

How IT security resellers can prevent breaches

McAfee also warned that there could be a lack of resources devoted to fighting cybercrime, with law enforcement spending crunched and much of what remains focused on terrorism and economic issues.

Successful penetration of corporate data repositories and harvesting of that data requires both technological and social smarts, so a huge component of security lies in talking to employees. Warning them about best practices when using social networks, for example, is critical.

"Companies have to train their people," Dambrot said. "They have to do content filtering based on reputation as well as context. They need to make sure they have strong antivirus both at the desktop and the network. The best practice is layering. You can't block everything, and even if you do, new sites pop up every day. It's an arms race."

That leads to the best advice IT security resellers can give their customers: that a total security solution must consider electronic safeguards as well as good human resources and training practices.

"That's a tough conversation to have with employees -- what they can and can't do in social nets," Dambrot said. "You can tell them to stay off the nets, but that's not really realistic, so you need to mitigate."

But it's not just on the users. IT security resellers and vendors alike say social sites must take on more responsibility themselves for policing their networks and protecting them from unscrupulous use.

"The pressure is on for them to do more to control this," Dambrot said. As an example, he pointed to Yahoo and AOL, which, he said, "now run antivirus in their clouds. They scan email, even free mail, as it's sent."

Tags: Technology Industry News for Channel Professionals,  How to Choose the Right Technologies,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Technology Industry News for Channel Professionals Ingram Micro SMB VARs collaborate Google walks away from Yahoo IT Channel News Briefs, Nov. 4 Windows Server 2008 sales outlook uncertain Microsoft Web platform narrows lead of open source in hosting market How to Choose the Right Technologies Tech Watch: Where's WiMax? VARs, distributors assess their cloud computing role Tech Watch: Multicore PCs sell, despite some app issues Tech Watch: Modularity, management top UPS wish list Appliances, open source software give VARs systems management options Social media sites and applications cheat sheet Tech Watch: EnergyWise pushes convergence of IT, energy management Preparing for 64-bit in Microsoft Office SharePoint Server 2010 Pranah jumps to multi-protocol storage; more headlines Mainsoft opens SharePoint blogs, wikis, My Sites to IBM developers

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary consultant  (SearchITChannel.com) lead  (SearchITChannel.com) lead generator  (SearchITChannel.com) proprietary solution  (SearchITChannel.com) solution provider  (SearchITChannel.com) tier 1 vendor  (SearchITChannel.com) tier 2 vendor  (SearchITChannel.com) turnkey solution provider  (SearchITChannel.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary