Business Processes A New Target For Cyber-Thieves

Apr 8, 2008 4:03 PM

The business use of e-mail worldwide has become so critical that the ever-increasing number of spam attacks containing malware are placing corporate and customer information at the highest levels of risk yet, according to an industry-wide survey, conducted by Internet security firm Webroot.

According to TechNewsWorld, the survey asked 1,494 e-mail security product decision-makers to explore their views about e-mail related threats and the latest methods to protect business e-mail. Respondents were from both regulated and unregulated companies and organizations in seven countries: Australia, Canada, France, Germany, Japan, the United Kingdom and the United States.

While companies are generating large volumes of e-mail and making efforts to secure and store it, cyber-criminals are targeting e-mail knowing it's a data form rich in valuable personal and corporate information, Webroot officials says. Companies need to be diligent in staying ahead of these would-be network attackers, both outside and inside their walls.

The volume of e-mail, the types of sensitive data contained in business e-mail, and most importantly, the creative methods that would-be thieves devise to steal corporate e-mail have changed over time, according to survey conclusions.

As a result, companies need to take more proactive steps to put policy rules in place and strictly enforce employee compliance with e-mail restrictions, Chris Benham, vice president of corporate marketing for Webroot, told TechNewsWorld.

"The two things that stand out the most in this new report are the dramatic increase in attacks against businesses and the casual response from company officials about protecting their e-mail," Benham says. "I am a bit surprised by the dramatic increase in the use of e-mail to get at corporate information."

The attackers are likely driven by a heightened financial motivation. Attackers are better at understanding the critical role that e-mail holds for businesses. They have stepped up their efforts to increase their financial reward, he says.

"Attackers are going where the money is by breaking into business processes. Their actions are hard to track and harder to prosecute, he says.

The Webroot survey revealed that three-fourths of all respondents says e-mail is very or extremely important for communicating with customers. More than 60 percent says it was very or extremely important to providing customer support.

Infections from viruses and spyware are the No. 1 e-mail security concern. These security worries are followed by data breaches and spam. More than half of the respondents experienced spyware and virus attacks in 2007. More than 40 percent dealt with a phishing attack.

Sixty percent of survey respondents say they are very or extremely concerned about spam. About one-third of the organizations responding experienced a moderate to major impact on system performance and employee productivity as a result of spam in 2007.

Half of the respondents say they are very or extremely concerned about inaccurately blocking legitimate e-mails. About one-fourth of all the respondents say they experienced a denial-of-service attack in 2007. More than 60 percent of organizations experienced at least one e-mail outage in 2007.

Nearly half of the respondents indicated a significant concern about employees sending sensitive company information externally. However, despite those concerns, only half of organizations with more than 100 computers have policies in place to restrict employees' personal e-mail use. Among smaller organizations with fewer than 100 computers, less than one third have employee e-mail policies in place.

Want to use this article? Click here for options!
© 2009 Penton Media Inc.

This month in Access Control

• Targeting The Customer
• Electronic Pedigrees
• One Hero Among Many
• Who? What? When? Where? Why?
• More from September's issue