December 10, 2009 By Hilton Collins
Cisco Systems released an annual report on Tuesday, Dec. 8, that identifies pesky malware strains that plague users on Web 2.0 platforms and highlights some government breaches from the past 12 months.
The 40-page Cisco 2009 Annual Security Report is all about global cyber-security dangers that we should watch for. They wreaked havoc from January to December, and the vendor encourages the worldwide Internet community to be vigilant in 2010 or risk further compromise and embarrassment.
"We're seeing rapid adoption of social media by enterprises across vertical markets, and we're seeing the opportunity to communicate and collaborate is also posing security challenges for the enterprise," said Henry Stern, Cisco's senior security researcher. "We need to work more on public-private partnerships across enterprises and government and, for that matter, collaboration among enterprises to maintain some inertia toward fighting spam, botnets and online criminals."
He explained that these digital ne'er-do-wells learn quickly, and the money-laundering industry supporting them has topped $100 million per year.
The report cited an incident in July when attackers from the Ukraine used Zeus malware to infect the county treasurer's desktop in Bullitt County, Ky., to steal authentication credentials and rob Bullitt of $415,000 over multiple wire transactions.
"We have Zeus, which is a shrink-wrapped banking Trojan designed for stealing information from people's computers, and has functionality built into it to perform what's called a man-in-the-browser attack, and this is how criminals can get past secure socket layer and two-factor authentication," Stern said.
So everyone's vulnerable, from consumers who do online banking to companies to government finance departments.
Zeus was identified in the report as code that's growing in adoption with a high success rate and high potential for profitability. Koobface, a social media worm that dupes users into downloading malware, was cited as high-growth but less profitable.
"When people are becoming more personal, revealing more personal information through things like social networks - these are opening doors for criminals to infiltrate organizations," Stern said.
Palo Alto Networks highlighted the risks Web 2.0 can bring to public and private organizations in the Application Usage and Risk Report that was unveiled on Nov. 9. As workplaces use more social media and instant messaging applications to communicate and transfer files, they open a gateway to more types of digital corruption that can bypass network firewalls.
But even those who don't think they're worth robbing or breaching can be at risk because of their connection to others.
"People will often think, 'I don't have any money in my bank account anyway. What are they going to do to me?' and not realizing the scope of damage that could be undertaken," Stern explained. The social media account could allow them to see your loved ones' information, not just yours. "They're doing that using your identity and your friends' trust of you, and that's something that you can possibly never recover."
The Cisco report also features the Global ARMS Race Index, which attempts to gauge the level of online criminal activity, from the safest at 1 to the most dangerous at 9.5+. As of this December, the global community is at an orange 7.2, meaning that "enterprise networks are experiencing persistent infections and consumer systems are infected at levels capable of producing consistent and alarming levels of service abuse."
The report also noted that criminals can target government agencies for reasons that have little to do with financial gain. In August 2009, hackers tried to use denial-of-service attacks to silence a blogger in the former Soviet republic of Georgia who criticized the Russian government.