The leading global IT security solutions provider Symantec this week released the 2013 edition of its annual Internet Security Threat Report, which detailed how online threats grew and evolved significantly in 2012.
Threatscape’s MD, Dermot Williams, got the opportunity to provide an overview of the report on Ireland’s most-listened-to radio programme, RTE’s Morning Ireland, and to express his views on ever-evolving internet threats, including a newer technique known as the watering hole attack. Dermot talked zebras and the Serengeti to get his point across, making for a very entertaining piece of radio.
Welcome to the jungle: Listen to Dermot on Morning Ireland
One key finding was that web-based attacks increased 30 percent last year, many of which involved attackers compromising the security of a small business website that an intended target is likely to visit. The attacker leverages the weak security of one organisation to circumvent the potentially stronger security of another.
The report reveals that small businesses are now the target of 31 percent of all attacks, a threefold increase from 2011.
“Poor web security is allowing attackers to launch attacks via legitimate websites which they compromise to distribute malware, usually by exploiting unpatched vulnerabilities in visitors’ web browser plug-ins,” says Dermot Williams, Managing Director of Threatscape. “Patch management, and network client management in general, has been one of the services we have been called upon most frequently to deliver to corporate customers in the last 12 months, since well-patched network end-points are essential to maintain network security.”
Threatscape offers the following tips to website owners and individuals to safeguard against potential attacks on their sites and PCs.
What website owners should be doing to ensure they are not compromised and turned into virtual ‘malware mules’ for criminals:
- Ensure ALL passwords related to the management of the web server at all levels are strong. This includes the operating system (OS), HTTP server, content management system (CMS) and control panel passwords.
- Ensure passwords are not given out to the wrong people through scams such as ‘phishing’ attacks – bogus emails masquerading as legitimate ones in an attempt to get the recipient to disclose confidential information.
- Ensure back-end software is patched including hosting systems, control panels and databases.
- Ensure there are no SQL (structured query language) injection weaknesses.
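The last tip is the one most easily shown in code. The following is an added illustration, not code from Threatscape or from the Symantec report: it uses Python’s built-in sqlite3 module and a constructed one-row users table to place a lookup that builds its SQL by string concatenation beside the same lookup using a bound parameter, and includes a small regression check a site developer can keep in a test suite to catch the concatenated form. The table name, column names and sample values are assumptions made up for the example.

```python
import sqlite3


def make_db():
    """Constructed sample data: a tiny users table standing in for the
    login backend of a CMS or hosting control panel (values are made up)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 'hash-of-admin-password')")
    return conn


def lookup_user_unsafe(conn, username):
    """Builds the SQL by concatenation: the caller's input becomes part of
    the query text, so a value containing a quote can change the query's
    meaning instead of being treated as a username to match."""
    query = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(query)]


def lookup_user_safe(conn, username):
    """Passes the value as a bound parameter: the database driver keeps it
    as data, so a quote in the input is just another character to match."""
    query = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(query, (username,))]


def is_injectable(conn, lookup):
    """Regression check for a test suite: a lookup that returns any row for
    this non-existent, quote-bearing username is building its query from
    unescaped input and should be fixed before it reaches production."""
    probe = "x' OR '1'='1"
    return lookup(conn, probe) != []


if __name__ == "__main__":
    db = make_db()
    for name, fn in (("unsafe", lookup_user_unsafe), ("safe", lookup_user_safe)):
        print(f"{name}: injectable={is_injectable(db, fn)}")
```

Both functions return `['admin']` for the legitimate username; only the concatenated one also returns it for the probe value, which is what `is_injectable` reports. The same distinction applies to every database API: the fix is always to hand values to the driver as parameters rather than pasting them into the query string.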
What end users should do to ensure their PCs can withstand attempts to infect them with malware, which could even come from legitimate web sites:
- Ensure all your devices have effective firewall and anti-virus software installed, to help protect against traditional types of attack.
- To help guard against web-based attacks, you should keep the software you use updated with any vendor security “patches” (small software updates); this applies not only to your operating system and web browser software but also and particularly to web browser “plug-ins” such as Adobe Flash, Acrobat Reader, Apple QuickTime and Java.
“I think it is worth stressing to people that Microsoft’s free ‘Windows Update’ feature, which they may be familiar with, is designed only to keep the Microsoft software on their computer up to date; it does NOT update other popular software you may be using from vendors such as Adobe, Apple or Sun/Oracle – so you should take care to update these too, as many attacks are launched by exploiting vulnerabilities attackers have discovered in their products.”
There are a number of free products and services available to make it easier to update the software on your home or business PC, and reduce its susceptibility to attack:
- https://browsercheck.qualys.com/ – Visit this web page to discover if your web browser and its plug-ins are out of date. Following a quick scan it gives you a clear ‘FIX IT’ button you can click to download any updates required.
- http://secunia.com/vulnerability_scanning/personal/ – You can download and install the free “PSI” (personal software inspector) program that runs on your PC and scans for hundreds of popular software packages. It warns you about any which it finds that are out of date and even includes the option to continually run in the background and automatically install new patches.
“These two free services are really aimed at consumers and small businesses. Larger companies and government entities need to develop and implement an overall ‘patch management’ strategy throughout their digital estate. Assisting people with their security, using tools such as Symantec’s Altiris client management suite, is a fast growing part of our business at Threatscape,” says Williams.
See the full Symantec Internet Security Threat Report and have a look at this infographic that summarises the ‘Watering Hole’ concept:
The Internet Security Threat Report provides an overview and analysis of the year in global threat activity. The report is based on data from Symantec’s Global Intelligence Network, which Symantec analysts use to identify, analyze, and provide commentary on emerging trends in attacks, malicious code activity, phishing, and spam.