Fewer than half of small and midsize businesses actively enforce social network security policies, finds Panda Security.

By Mathew J. Schwartz
Information Week

One-third of all small and midsize businesses (SMBs) have been infected by malware or viruses that spread via social networks — most often via Facebook, followed by YouTube and Twitter. As a result, 35% experienced a financial loss.

Those findings come from a survey, conducted by Panda Security, of 315 IT personnel who have responsibility for setting or enforcing network policies at companies with between 15 and 1,000 employees. None of the surveyed organizations used Panda’s products.

According to Sean-Paul Correll, a threat researcher at Panda Security, “social media is now ubiquitous among SMBs because of its many obvious business benefits, yet these tools don’t come without serious risks.”

For example, the survey found that social networks are responsible for a sizeable number of “human error” privacy violations. In fact, 23% of organizations reported losing sensitive data via social networks thanks to their employees. Facebook was the most typical social networking channel for privacy violations, followed by Twitter, YouTube, and LinkedIn.

Still, in this day and age, it’s nearly impossible for a business to not have a social networking presence. Indeed, the study found that 78% of businesses surveyed use social media tools, with businesses having active accounts most often with Facebook (70%), followed by Twitter (44%), YouTube (32%), and LinkedIn (23%). The social networks were most often used for personal use, but even so, roughly half of firms also used them for research, competitive intelligence, customer service, and marketing. About one-third also use them for sales purposes.

Furthermore, from a security standpoint, the news from the survey is far from bleak. “While a relatively high number of SMBs have been infected by malware from social sites, we were pleased to see that the majority of companies already have formal governance and education programs in place,” said Correll.

A majority — 64% — of SMBs have security education programs covering social networks. However, only 57% of SMBs currently have a security policy governing the use of social networking, and 81% of that group employs personnel to actively enforce those policies. This means that only 46% of organizations actively enforce social networking security policies.

Interestingly, 25% of SMBs simply block all social media during working hours through a gateway appliance (65%) and/or through a hosted web security service (45%). But during non-work hours, 69% of SMBs allow employees to use social networking tools on corporate computers.

Computer Clarity

Malware that uses Valentine’s Day as a lure to trick users and infect computers is now a well-established feature of the IT security calendar.  Once again, this year it will be no surprise to see numerous emails in circulation with links for downloading romantic greetings cards, or with subjects related to Valentine’s Day. Cyber-crooks, however, are also exploiting other channels, such as Facebook or Twitter, and given the access to millions of users that these social networks provide, they have become just as popular among the criminal fraternity for spreading malware as email.Social engineering is cyber-crooks’ preferred technique for deceiving users. In these cases it basically involves obtaining confidential information from users by convincing them to take a series of actions. Crimeware and social engineering go hand-in-hand: a carefully selected social engineering ploy convinces users to hand over their data or install a malicious program which captures information and sends it on to the fraudsters.“The continued use of social engineering by cyber-crooks is a good indication of the infection ratios that this technique for tricking users returns. Otherwise, they would simply have stopped using it”, explains Luis Corrons, Technical Director of PandaLabs.

PandaLabs offers users a series of tips to avoid falling victim to computer threats:

• Don’t open emails or messages received on social networks from unknown senders.
• Do not click any links included in email messages, even though they may come from reliable sources. It is better to type the URL directly in the browser. This rule applies to messages received through any mail client, as well as those in Facebook, Twitter, or other social networks or messaging applications, etc.
• If you do click on any such links, take a close look at the page you arrive at. If you don’t recognize it, close your browser.
• Do not run attached files that come from unknown sources. Especially these days, stay on the alert for files that claim to be Saint Valentine’s greeting cards, romantic videos, etc.
• Even if the page seems legitimate, but asks you to download something, you should be suspicious and don’t accept the download.
• If, in any event, you download and install any type of executable file and you begin to see unusual messages on your computer, you have probably been infected with malware.
• If you are making any purchases online related to Valentine’s Day, type the address of the store in the browser, rather than going through any links that have been sent to you.
• Only buy online from sites that have a solid reputation and offer secure transactions, encrypting all information that is entered in the page. To check that the page is secure, look for the security certificate in the form of a small yellow padlock next to the toolbar or in the bottom right-hand corner of the screen.
• Don’t use shared or public computers for making transactions or operations that require you to enter passwords or other personal details.
• Have an effective security solution installed, capable of detecting both known and new malware strains.

Computer Clarity

PandaLabs, the anti-malware laboratory of Panda Security –The Cloud Security Company- has published its Annual Malware Report.

The report reviews the major incidents and events concerning IT security in 2009. The outstanding trend of the last 12 months has been the prolific production of new malware: 25 million new strains were created in just one year, compared to a combined total of 15 million throughout the rest of the company’s 20-year history.

This latest surge of activity included countless new examples of banker Trojans (some 66%) as well as a host of fake antivirus programs (rogueware). The report also draws attention to the resurgence of traditional viruses, previously on the verge of extinction, such as Conficker, Sality or the veteran Virutas. See the graph here.

During 2009, spam was also highly active: some 92% of all email traffic was identified as spam. The tricks used to dupe potential victims into opening these emails have focused heavily on exploiting current affairs and dramatic news stories -a tendency which also applied to SEO attacks-. As such, we saw waves of junk mail related to celebrity scandals or deaths (real or fictitious), swine flu, compromising videos of politicians, etc. This year PandaLabs also tracked how spam impacted different industrial sectors, revealing how the automobile and electrical industries were the worst affected, followed by government institutions.

As regards malware distribution channels, social networks (mainly Facebook, Twitter, YouTube or Digg), and SEO attacks (directing users to malware-laden websites) have been favored by cyber-criminals, who have been consolidating underground business models to increase revenues.

The Annual Malware Report also examines how individual countries and regions have been affected throughout the year, based on the data gathered from computers scanned and disinfected free of charge with Panda ActiveScan. Taiwan tops the rankings, followed by Russia, Poland, Turkey, Colombia, Argentina and Spain. Countries suffering fewest infections include Portugal and Sweden.
You can see this graph here.

Last year also saw a rise in the number of news stories related to cyber-attacks with political motives or targets, suggesting that this is no longer the preserve of sci-fi movies and conspiracy theorists and is now becoming a reality.

Finally, and as we announced some days ago, PandaLabs has predicted that the amount of malware in circulation will continue to grow during 2010. Windows 7 will surely attract the interest of hackers when it comes to designing new malware, and attacks on Mac will increase. While we are likely to witness more politically motivated attacks the report concludes that, once again, this will not be the year of the cell phone virus.

Computer Clarity

PandaLabs, the anti-malware laboratory of Panda Security, has released its forecast of computer threat trends for the coming year.

More clouds on the security horizon

Welcome to the cloud. In 2007, we launched our first product which took advantage of the cloud, now in 2009 all our products use it and we have launched the first 100% cloud-based antivirus: Panda Cloud Antivirus. We have also seen this year how other major security vendors have followed our steps and taken to the cloud. 2010 will be the year in which all anti-malware companies wanting to offer real-time protection will have to follow suit. And those that don’t will be out of the game.

An avalanche of malware

The amount of malware in circulation will continue to grow exponentially. The greater speed delivered by cloud-based technologies, such as Panda’s Collective Intelligence, will force malware creators to generate even more threats in order to evade detection and elimination. Once again malware will be designed almost exclusively for financial gain, and we can expect to see many new fake antiviruses (rogueware), bots and banker Trojans.

Social engineering

Cyber-criminals will again be focusing on social engineering techniques to infect computers, particularly those targeting search engines (BlackHat SEO) and social networks, along with ‘drive-by-download’ infections from Web pages.

As the football World Cup takes place in South Africa, we can also expect to see significant amounts of malware related to this event: false ticket offers, junk mail, etc. It is always a good idea to take a suspicious view of any messages related with current affairs and large events such as this.

In the case of social networks, there have already been many examples of worms and Trojans targeting Twitter, Facebook, etc. Malware creators will continue to be drawn to these types of platforms used by so many people.

Windows 7

Windows 7 will have a major impact on malware development: where Windows Vista hardly caused a ripple, Windows 7 will make waves. One of the main reasons is the widespread market acceptance of this new OS, and as practically all new computers are coming with Windows 7 64-bit, criminals will be busy adapting malware to the new environment. It may take time, but we expect to see a major shift towards this platform over the next two years.

Cell phones

Will 2010 be the year of malware for cell phones? Several security companies have been warning for some time that malware is soon to affect cell phones in much the same way as it affects PCs. Well, we hate to rain on their parade, but 2010 will not be the year of malware for cell phones.

The PC is a homogenous platform, with 90% of the world’s computers running Windows on Intel, meaning that any new Trojan, worm, etc. has a potential victim pool of 90% of the world’s computers. The cell phone environment is much more heterogeneous, with numerous vendors using different hardware and different operating systems.

Applications are sometimes not even compatible from one OS version to another. So it is once again unlikely that 2010 will see widespread targeting of cell phones by malware. In any event, this year will witness many changes in the world of mobile telephony with more smartphones offering practically the same features as a PC; the emergence of Google Phone –first phone sold directly by Google without tying users to specific operators-; the increasing popularity of Android, not to forget the success of the iPhone. If in some years there are only two or three popular platforms, and if people begin to operate financial transactions from their cell phones, then maybe we could talk about a potential breeding ground for cyber-crime.

Mac

Mac: has the danger arrived? Mac’s market share has increased in recent years. Although the number of users has yet to reach the critical mass required to make it as profitable as PCs for cyber-criminals, it is nevertheless becoming more attractive. Mac is used just as PCs are to access social networks, email, the Internet… and these are the main malware distribution systems used by cyber-criminals. Consequently, Mac is no longer a safe haven against malware. These criminals can easily distinguish whether a system is Mac, and they have malware designed especially to target this OS. In 2009 we have already seen numerous attacks, and there are more to come in 2010.

The Cloud

Cloud-based services are not just used for security. We are all using more services delivered from the cloud, often without realizing. Who doesn’t use Hotmail or Gmail as their email service, or Flickr to store photos? But cloud-based services are not limited solely to storage, they are also used for processing data. The cloud is a tool that can help save considerable costs for companies, and as such is rapidly growing in popularity. This makes attacks on cloud-based infrastructure/services far more likely.

Cyber war

Although this term is more associated with science fiction than the real-world, it’s a phrase we are about to start hearing more often. Throughout 2009, governments around the world including the United States, the UK and Spain, have expressed concern about the potential for cyber-attacks to affect economies or critical infrastructure. We also saw this year how several Web pages in the United States and South Korea were the subject of attacks, with suspicion –as yet unapproved- pointing at North Korea. In 2010 we can expect to see similar politically-motivated attacks.

Computer Clarity