Malware infections are out of control

Contrary to popular belief, there is little evidence that on-line security risks increase because employees are accessing "shady" web-sites according the Cisco's 2013 Annual Security Report.   Quite the contrary, it reveals that the highest concentration of online security threats do not target pornography, pharmaceutical or gambling sites as much as they do legitimate destinations visited by mass audiences, such as major search engines, retail sites and social media outlets.  In fact, Cisco found that online shopping sites are 21 times riskier.  Search engines are 27 times more likely to deliver malicious content.  Viewing online advertisements? Advertisements are 182 as times likely to deliver malicious content than pornography.

Hacker rely on these popular sites to spread their payloads as fast and as wide as possible.  The latest data shows that Internet users in the U.S. are by far the most likely to encounter malware primarily because of our use of these sites combined with loose security in most of our businesses.  While large corporations spend millions of dollars to protect their IT information assets, smaller organizations may times treat malware remediation as an afterthought and spend very little there.  Further still, most small employer either don't understand the risks of malware intrusion or fear making their workers unhappy by cracking down on non-business Internet activities.  Too many times they say "Oh, what harm can a little on-line shopping or "Facebooking" do?  Then when Cornficker or Crypto-Locker hits, they exclaim "How could this happen?  I bought anti-virus!"

Where is malware most prevalent?  Here are some interesting statistics by country.
Number of users that encounter malware:

1. United States                              33.14%
2. Russian Federation                      9.79%
3. Denmark                                       9.55%
4. Sweden                                         9.27%
5. Germany                                       6.11%
6. China                                            5.65%
7. United Kingdom                            4.07%
8. Turkey                                           2.63%
9. Netherlands                                   2.27%
10. Ireland                                         1.95%

Could the disparity in frequency of malware encounters be attributable to differences in Internet use in the different countries?  Sure, but it could also be that employee's at companies in the U.S. goof off at work more using their computers where statistics indicate that between 25-30% of worker productivity is lost at the office because of on-line shopping, Facebook and other social media sites.  These are prime targets for malware hackers.

It was also reported that younger employees (aka Gen Y) are more likely to ignore corporate IT policy than their older co-workers which increases corporate risk.

For example:

 While 90% of IT professionals say that they have policies governing use of certain devices at work only 40% of Gen Y workers said that they were aware of such a policy.

 

4 out of 5 younger workers say they don't obey those policies.

 

66% of Gen Y workers polled said that corporate IT has no right to monitor their on-line behavior even if they are using company devices.

 

What's it all mean?  For the first time, infected web content exceeded e-mail as the number one delivery mechanism for malware.  Obviously, employees (particularly younger ones) are not paying attention to company rules on how to use the web.  Malware costs small and large businesses in the U.S. billions of dollars each year cleaning it up not to mention lost productivity which, as stated earlier, exceeds 25% in certain segments of the workforce.

 

Recently, I was approached by a client who was concerned that her employees were posting their resumes on-line from their company computers and wanted us to help her with Internet content control to stop them.  Less that 3 months ago her entire server was corrupted by an employee shopping on-line with a company computer and was infected with Crypto-Locker.  Nearly 100,000 documents were rendered useless with a single mouse click.  Lady, you got bigger problems than just stopping resume posting! 

 

What about you?

 

Using anti-virus programs to control the latest versions of malware is recognized as a losing battle.  You need to look at a more comprehensive malware defense system.  In my soon to be released e-book "Building An Effective Malware Defense Strategy" due out in April, I show businesses the latest methods for controlling malware both inside the network and on portable devices used for company business.

 

 

Jeff Hoffman is an IT consultant with ACT Network Solutions specializing in network security, management and data protection.  He can be reached at jhoffman@act4networks.com.