7 biggest PC threats

 

picture1

You think hacking is the biggest security threat on the World Wide Web? Time to rethink. According to Microsoft’s bi-annual Security Intelligence Report, rogue software and the lost and stolen PCs are the biggest culprits.
Here are the top seven security threats to our PCs.

 Stolen PCs

clip_image001

Lost and stolen equipment, not computer hacking, continue to be the most common cause of security breaches. Over 50 per cent of the security breaches (that led to data loss) reported in second half of 2008 were a result of stolen or lost PCs.
To mitigate this threat, organizations must implement strong data governance practices to help protect data from criminal access.

Rogue security software

 

picture2

Also known as "scare ware," it takes advantage of users' desire to keep their computers protected. The rogue software lures users into paying for protection that is actually malware offering little or no real protection, and is often designed to steal personal information. The Microsoft Security Intelligence Report shows that such programs are now among the top threats across the world.
For example, two rogue families, Win32/FakeXPA and Win32/FakeSecSen, were detected on more than 1.5 million computers by Microsoft, catapulting them into the top 10 threats in the second half of the year. In addition, Win32/Reno's, a threat that is used to deliver rogue security software, was detected on 4.4 million unique computers, an increase of 66.6 per cent over the first half of 2008.

Rogue security software and other social engineering attacks such as these compromise people's privacy and are costly; some take personal information and drain bank accounts, while others infect computers and rob businesses of productivity.

Application layer

clip_image001[4]

The report also showed that as software companies have improved the security of their operating systems, attackers have shifted their focus to the application layer, where the majority of vulnerabilities are now being reported; nearly 90 per cent of vulnerabilities disclosed in the second half of 2008 affected applications.

Rogue security software and other social engineering attacks such as these compromise people's privacy and are costly; some take personal information and drain bank accounts, while others infect computers and rob businesses of productivity.

 Exploiting vulnerabilities

clip_image002

A home user is usually targeted by a Trojan attack. While for enterprises, the weapon of choice is a worm attack. The biggest difference between enterprise and home vulnerabilities is social engineering.
The social engineering messages used in connection with rogue security software may be less effective in an enterprise environment, where malware protection is typically the responsibility of the IT department.
Worms rely less on social engineering to spread than Trojans and downloader's. Worms channels include unsecured file shares and removable storage volumes, both of which are often plentiful in enterprise environments.

Malware

clip_image003

Malware still remains a dominant threat. In the US, malware accounted for 67 per cent of all infected computers. Trojans -- the miscellaneous variety -- were detected on 29.4 per cent of infected computers.

Removal of unwanted software

clip_image004

Users don’t always remove unwanted software. Most security software companies’ scans allow users to ignore a security alert, allow software to remain, quarantine or remove it. If software is really malicious it is removed without user input. The gray areas appear when users have a choice.
These decisions are influenced by a number of factors, such as the user’s level of expertise, how certain they feel about their judgment regarding the software in question, the context in which the software was obtained, societal considerations, and the benefit (if any) being delivered by the software or by other software that is bundled with it.

picture3

Social networking is getting hotter, and with it riskier. Social networking sites remain one of the top phishing targets. Social networking phishing attacks represented less than 1 per cent of attacks, but yield a big chunk of phishing impressions.
A typical social network phishing is likely to trick many more users than a typical financial phish. There are a number of explanations for this discrepancy. While financial institutions targeted by phishes can number in the hundreds, just a handful of popular sites account for the bulk of the social network usage on the Internet, so phishes can effectively target many more people per site.
In addition, phishes often use the messaging features of the sites themselves to distribute their attacks, typically by gaining control of a user’s account and using it to send phishing messages to the victim’s friends. These attacks are more effective than email-based attacks as they exploit the considerable level of trust that users place in their friends.

Some Featured Posts:

  • What Woman want in life....
  • Asin – Best South Cinema face
  • Shahrukh Khan Exclusive 2009 Calendar Launch
  • IPL News 2009 | Top Stories
  • Blue - All Rise | International Hit Songs Lyrics
  •