The Top Three Business Security Targets
IBM's Global Business Security Index reports that virus-laden emails and criminally driven security attacks increased by 50 percent in the first half of 2005. There was a significant rise in customized attacks on government, financial services, manufacturing, and healthcare industries. The increase, along with a decrease in less profitable threats like spam and simple computer viruses, indicates a growth in targeted attacks against specific organizations and industries, with attacks no longer being focused on simply crashing an IT department's computer system. According to the report, there were more than 237 million overall security attacks in the first half of the year. The government sector was the most targeted, with more than 54 million attacks, while manufacturing ranked second, with 36 million, financial services third, with 34 million, and healthcare fourth, with 17 million.
Spawns of phishing threats like spear phishing--highly targeted or coordinated attacks at a specific organization or individual designed to extract critical data--increased more than ten-fold since January of this year alone. Unlike in previous years, when viruses were mainly created and launched to slow down and cripple IT systems, current customized attacks are designed to defraud business, steal identities, and extort money, while damaging a company's brand and eroding customer trust. All this while spam has continued to decrease over the past six months, from 83 percent to 67 percent in July 2005.
John Lutz, general manager, financial services sector, IBM, says these statistics are indicative of the new wave of security threats. "At first glance this seems to be good news, the leveling off of massive outbreaks that cripple IT environments on a regional or global basis, but hackers are turning towards more criminal areas of directing attacks," he says. Survey results supported this. The index showed that in December of 2004, one in every 52 emails was infected by some sort of malicious security threat, in January, one in every 35 emails, and by June, one in every 28 emails, signifying a 50 percent increase from last year.
Lutz maintains that companies must start taking security more seriously, and throughout all levels of the organization. "We advise businesses to adopt a holistic, enterprise-wide approach to security and risk management," says John Lutz, general manager, financial services sector, IBM. "To protect their critical data, infrastructure, brands, and money, businesses need to rethink how they protect their operations, business processes, and government structures. Companies can employ the latest protective technology while ensuring their own customers get the highest level of protection available."
Top IT Threats
Enlisting CRM to Fight Spyware
Small Business Lack IT Security