SC Studio: Web viewed as most likely route to malware infection, as visiting legitimate websites seen as best way to reduce the risk
The latest SC Studio has identified feelings and perceptions on employee use of the web and how malware is downloaded.
Based on a survey by Symantec Hosted Services and SC Magazine, it found that employee use of the web was perceived as the most likely route to malware infection, with 67.6 per cent of respondents selecting this option ahead of email (28.4 per cent) and instant messenger (3.9 per cent).
Dan Bleaken, senior malware data analyst at Symantec Hosted Services, said: “In some ways, the fact that this is seen as one of the biggest threats is somewhat reassuring. The reality is that the cyber criminals are looking for any way to get in and compromise your business resources and home resources by any means that they can make use of.
“What we see today is attacks by multiple protocols, so people are used to problems with email such as spam, which can cripple company resources, and also malicious email that can come through, and if a user makes a bad decision and clicks on a link, they can become infected.”
Commenting on the shift to web-based threats, Bleaken said that there are so many opportunities online for cyber criminals.
“There are so many ways that they can abuse the components of websites today that there is a very fast turnover today of attacks on various websites, so staff and home users are at risk not just from the web, but from all protocols,” he said.
The vast majority of respondents also revealed that blocking of specific URLs was the main option to control employee web access (64.7 per cent), while 59.8 per cent apply rules on the category of the website. A third (38.2 per cent) apply rules by users and 20.6 per cent have time-based rules.
Rick McConnell, chief security officer at Euroclear, said: “The problem with that approach, which is a very command and control based one, is who decides the appropriate URLs and websites? There are societal judgements about what is good and bad behaviour, browsing the web is bad and using email is easier to see who is productive, and I think that this is one of the great problems that we have.
“If I block various things that they can access from their workstation, what about all of the mobile computing devices that people have? I have a great problem with ‘security by fear' saying ‘if you do this bad things will happen', as very often bad things don't happen so that falls apart. Then, you can't watch all of the people all of the time, you can't watch all of the devices that they may use, so if you go for a command or control based system, as opposed to a behavioural system, then you are on the road to perdition really.”
In terms of the perception of how users can become infected, 89.2 per cent believe it is done by downloading files, 85.3 per cent said it was by visiting a website and 84.3 per cent said that it was by following an advert on a website.
Bleaken said: “With the best will in the world, staff do have the best intentions and are careful whilst browsing the internet, but it is no longer the case that safe surfing, or being aware while you are surfing the net, is necessarily any protection at all.”
McConnell said: “What are the good and bad sites: Facebook and Twitter, bad? TED and LinkedIn, good? If you look on the education sites, where they do peer review and are encouraged to share information as a collaborative approach to problem solving. If criminals are in there with intent, they want you to know that they are in there capturing that intellectual property.
“That is another aspect of the problem – it is easy to say that's bad, but you move quickly to where the end users perceive real value to the company and what they are doing, and they are trying to improve the quality of the work that they are doing.”
In response to the statement ‘in order to become infected, a web user has to perform an action on a website', 66.7 per cent agreed, with 33.3 per cent against.
Another statement read: ‘to reduce the risk of malware infection in your business, users should only visit legitimate, mainstream websites', 73.5 per cent agreed, with 26.5 per cent disagreeing.
The latest SC Studio can be viewed here - http://www.scmagazineuk.com/sc-studio/section/1096/