Friday, February 26, 2010

Symantec survey finds 100% of businesses hit by a cyber loss in 2009
Norton Anti-virus developer, Symantec, found that 100% of the businesses they surveyed regarding Internet security had been hit by a cyber loss last year - that's right, every single one.

by Helen Leggatt

Symantec's survey, conducted in January this year, included 2,100 businesses and government agencies from 27 countries. Astoundingly, every one of those businesses had suffered a cyber loss in the preceding 12 months, which could have been anything from theft of customer credit card/financial data to theft of intellectual property.

For 92% of respondents the cyber theft led to significant costs due to loss of customer trust, falling employee productivity and decreased revenues.

The survey also discovered that three-quarters of the businesses had experienced some form of cyber attack in 2009, of which 41% were "somewhat/highly effective".

According to an IT project manager at a mid-sized federal agency, "You can sit and watch our monitors and see people try to attack us." A MIS director at a mid-size enterprise found the situation "beyond crazy" as he described seeing new viruses, spyware and backdoors every day.

However, most companies appear to be taking the situation seriously. Forty-two percent of companies ranked cyber security as a top priority, ranking it over traditional criminal activity (17%), brand-related issues (17%), natural disasters (14%) and terrorism (10%).

2010 will see nearly all (94%) of businesses make changes to their cyber security efforts, found the "State of Enterprise Security" report (.pdf), with nearly half (48%) intending those changes to be major.

Call Capitol City Geeks to protect your business; 877-HAV-GEEKS (428-4335)

Zeus Trojan found on 74,000 PCs in global botnet

More than 74,000 PCs at nearly 2,500 organizations around the globe were compromised over the past year and a half in a botnet infestation designed to steal login credentials to bank sites, social networks, and e-mail systems, a security firm said Wednesday.

The systems were infected with the Zeus Trojan and the botnet was dubbed “Kneber” after a username that linked the infected PCs on corporate and government systems, according to NetWitness.

The Wall Street Journal reported that Merck, Cardinal Health, Paramount Pictures, and Juniper Networks were among the targets in the attack. NetWitness speculated that criminals in Eastern Europe using a command-and-control server in Germany sent attachments containing the malware in e-mails or links to the malware on Web sites that employees within the companies clicked on.

NetWitness said it discovered more than 75 gigabytes worth of stolen data during routine analytic tasks as part of an evaluation of a client network on January 26. The cache of stolen data included 68,000 corporate login credentials, access to e-mail systems, online banking sites, Facebook, Yahoo, Hotmail, 2,000 SSL (Secure Sockets Layer) certificate files and data on individuals, NetWitness said in a statement and in a whitepaper available for download from its Web site.

In addition to stealing specific data, Zeus can be used to search for and steal any file on the computer, download and execute programs and allow someone to remotely control the computer.

More than half of the compromised machines were also infected with peer-to-peer bot malware called Waledac, the company said. Nearly 200 countries were affected, with most of the infections found in Egypt, Mexico, Saudi Arabia, Turkey and the United States.

The news comes after Google announced an attack targeting it and what is believed to be more than 30 other companies and which was linked back to China. McAfee dubbed that attack “Operation Aurora.”

“While Operation Aurora shed light on advanced threats from sponsored adversaries, the number of compromised companies and organizations pales in comparison to this single botnet,” said Amit Yoran, chief executive of NetWitness and former Director of the National Cyber Security Division. “These large-scale compromises of enterprise networks have reached epidemic levels.”

Call us today 1-877-HAV-GEEKS (428-4335) or visit us online at

Tuesday, February 23, 2010