February 24, 2010 By Hilton Collins
More and more, it seems like the weak links in enterprise security are end-users. But there may be an easy fix: A new report released this week says if organizations want to make their networks more secure, a simple browser update may do the trick.
Roughly half of the organizations analyzed in a study from software-as-a-service provider Zscaler used Internet Explorer 6, according to worldwide Web usage patterns during the last three months of 2009. IE 6 is believed to have more security vulnerabilities than the more recent IE 7 and IE 8.
Zscaler's State of the Web report was released Tuesday, Jan. 23., in which the company analyzed global Web use patterns and malware activity to come up with the findings. Public- and private-sector enterprises were included in the data.
"In a lot of large organizations, especially the Fortune 100, the security teams do understand that there's a serious risk in using old browsers," said Manoj Apte, the company's vice president of product management.
Apte said organizations are often tied to applications that work better with an older browser like IE 6, so a switch to something more current and secure might cause problems. In these cases, a business model may hinge on a piece of technology that leaves the organization vulnerable to infiltration.
"It isn't grandma and grandpa who aren't updating their IE. It's corporations that aren't adopting newer and secure technologies," said Mike Geide, a Zscaler senior researcher.
The survey research found that 48 percent of enterprises analyzed use IE 6, 46 percent use IE 7, 5 percent use IE 8 and 1 percent use another version. IE 6 doesn't maintain malicious URL and phishing block lists, which is common in all major browsers. More than 70 percent of the enterprises included in the data used some version of IE in October, November and December 2009.
Zscaler also revealed countries that are home to the servers hosting the malware that's plaguing organizations today - the U.S. is home to 80 percent. It's also home to three of the top 10 botnets scouring the Web today. The No. 1 IP address producing malware was from the Ukraine and produced about 44.11 percent of the botnets detected in the fourth quarter of 2009, including some pesky Zeus infections. A Zeus trojan recently infected more than 74,000 PCs around the globe.
The remaining four of the top five IP addresses responsible for many of the successful botnets during the end of 2009 were the United States' 220.127.116.11 at 15.7 percent, the Russian Federation's 18.104.22.168 at 9.8 percent, Sweden's 22.214.171.124 at 8.4 percent and Sweden again, with IP address 126.96.36.199 at 7.0 percent.