CEOs more vulnerable to phishing attacks says Symantec SVP Francis deSouza as criminals evolve attacks

News by Paul Fisher

The SVP of Symantec's Security Group, Francis deSouza has revealed to SC that CEOs and other C-level executives are increasingly falling victim to more sophisticated phishing attacks, often disguised as official communications from government agencies such as revenue.

The SVP of Symantec's Security Group, Francis deSouza has revealed to SC that CEOs and other C-level executives are increasingly falling victim to more sophisticated phishing attacks, often disguised as official communications from government agencies such as revenue.

“Typically the CEO will not have time to analyse such emails and will pass them onto a CFO who passes on until such time as it reaches a more junior employee who, reassured by the fact that senior people have forwarded the mail, will click on a malicious link,” he said.

It's not just bogus compliance demands that hard-pressed CEOs need to worry about according to deSouza. The global recession has meant that incidents of corporate espionage and IP theft are increasing as businesses fight for market share.

“Competitive advantage is fleeting these days. The market for stolen company information is huge and growing. Overall the FBI has estimated the value of all kinds of stolen company information as between $600bn and $1tr,” he said.

A phenomenon known as 'data spillage', whereby data is copied and moved by employees without authorisation, is also contributing to the sums and making criminal's lives easier, according to deSouza.

“A US government agency was attacked when criminals were able to access employee information that had been transferred from HR into IT to run system tests” he said. Typically criminals will enter corporate networks to see what information there is and where it is stored before evaluating the trade off between black market value and how well protected it is, according to deSouza.

Symantec  released more AV signatures in 2008 than it did in the entire 17 years of existence previously.  However, criminals are switching tactics from mass distribution of a few threats to micro distribution (typically less than ten PCs) of millions of adaptive pieces of malware  – making it difficult for companies such as Symantec to develop signatures.

In a bid to thwart such micro distribution, Symantec is rolling out its Quorum file-based reputation service for its customers. This  logs all applications including malware running on users PCs and tracks its activity.

DeSouza said that he expects around 15 per cent of Symantec's  revenues will eventually come from SaaS but it has no intention of becoming a services led business like IBM or HP.

Topics:

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events