2009 has been titled as the most productive year for Trojan/malware writers. There were about 25 million new malware strains in 2009 compared to a combined total of 15 million in Panda Security's 20-year history. Panda Labs, the malware research arm of Panda Security, says its research laboratory receives about 55,000 daily samples with the database crossing the 40 million mark.
The previous year saw Trojans such as Zeus, UrlZone and Clampi performing their operations with a high level of anonymity. The attacks left affected users completely unaware of their presence. Every detail from identity information to financial details were reported to have been captured by these Trojans. This is a clear indication of the complexities that information security providers of today are dealing with.
The increasing adoption of cloud, social media and virtualisation technologies is blurring the network parameter by adding additional layers to cope with. Cyber criminals are employing new techniques such as ransomware, scareware and crime-as-a-service to entice unsuspecting users and threatening the enterprise at large.
2010 will see cyber crime take on a more organized persona with specialized directed enterprise attacks. And India is at the forefront of the rising Web threats, according to Internet security provider Symantec. So what are Indian companies to do?
A large number of security breaches in organisation occur due to employees' indulging in non-work related surfing. A recent survey found the average time an employee spends on non work-related websites is five hours per week. While enterprises incur a productivity loss of approximately Rs. 160,000 per employee per annum due to non work-related surfing, the more grave threat is the security threat this poses to the company. "A majority of employees today spend a significant time on the Internet when at work. However, the majority of these employees are not aware of and hence not worried about the security threats arising from the Internet" says Surendra Singh, Regional Director, SAARC, Websense Inc.
The top five challenges and trends information security providers will have to contend with in 2010 are:
- Data Leakage: organisations generate large amounts of information every day and classifying data becomes a daunting task. But without classifying, priorities cannot be established. So companies need solutions that help them classify and encrypt data on the fly (as and when information exits the organization). Another key reason for data leakage is insider threats. Technologies like data loss prevention (DLP), document right management (DRM) that will help fight these threats will be adopted on a wider scale horizontally across an organization. With TrendMicro stating that Windows 7 default settings happen to be less sheltered than Windows Vista, it won't hurt to be a little cautious.
- Virtual Security: the need to integrate security with virtualisation is more real than the system it is protecting. Averting inconsistencies from migrating between related virtual machines will play a key role in the adoption of virtualisation. A rigid barrier separating virtual machines on all levels with properly addressed memory allocations will reduce risk migration.
- Securing the Cloud: as corporations begin to adopt cloud services the cloud is more likely to suffer from cyber crime. Third-party cloud providers who offer the reliant systems to host data and applications and provide secure data pipes resistant to data infection and theft will be most preferred. User identity and access management will assume further significance in such environments.
- Scareware: applications that demand money were seen in 2009, and it is set to become more common in 2010. Rogue anti-malware software take control of a user's computer and ask for a ransom to regain control of the machine. Other scarewares con users into downloading “anti-virus” software that detects spurious infections, and asks the user for cash to remove it. “In order to avoid crimeware, Indian organizations should adopt content filtering solutions which use behavior based technology instead of signature based detection” said Sameer Ratolikar CISO, Bank of India.
- Multiplatform Bombing: with the growing popularity of multiple platforms cyber criminals are pointing the crosshairs towards non-Windows users who until now had the luxury of being relatively immune to the Windows-centric malwares that hogged the media light in 2009.
- Secure access issues: organisations now have a large number of mobile employees who require remote access to applications on a 24/7 basis. SSL VPNs and IPSec VPNs have been popular technologies to provide secure access. Organisations are now deploying advanced solutions for authentication and access management like Single sign-on and two-factor authentication.
Unified Threat Management Solutions Ideal for India
The primary reason for lack of security amongst Indian organizations is because information security systems alone sometimes cost more than a company's annual IT budget, especially SMBs.
There is some solace in the horizon with Unified Threat Management (UTM). The UTM concept encompasses facilities such as firewall, gateway antivirus, intrusion detection system (IDS), IPS, anti-malware, content filtering, antispam, virtual private network (VPN), load balancing, bandwidth management, and secure wireless access.
Unified Threat Management (UTM) allows SMBs to cover security compliance requirements enforced upon them by the new IT amendments act of 2008. "Generally, a UTM comes configured to suit the needs of most businesses without the need for significant security expertise. It is likely to be more economical than buying all the parts individually, assuming that you would need a dedicated server for the firewall in the latter case." says Graham Titterington, Ovum.