In addition, nearly 20% of those surveyed believe that social networking scams are the top threat, according to an online poll of 4,300 respondents conducted by Sophos at the end of 2011.
Sophos released the survey results in conjunction with its 2012 threat report, which found a significant growth in the volume of malware and infections, as well as a shift toward attacks on mobile devices.
The report identified an average of 30,000 newly infected web pages each day. Sophos noted that drive-by downloads have become the top web threat, and in 2011, one crimeware kit – known as Blackhole – rose to the number one on that list.
In addition, the report noted the emergence of hacktivism as a prominent trend in 2011. The exploits of LulzSec and Anonymous marked a shift from hacking for financial gain to hacking as a form of protest. “Hacktivists sowed chaos by leaking documents and attacking websites of high-profile organizations and even defense contractors. LulzSec dominated headlines in the first half of the year with attacks on Sony, PBS, the US Senate, the CIA, FBI affiliate InfraGard and others, and then disbanded after 50 days”, Sophos noted.
The consumerisation of IT has become one of the newer causes of data vulnerability, the report observed. Employees are increasingly accessing sensitive corporate information from their home computers, smartphones, and tablets. According to the Sophos online poll, nearly 50% of respondents said that their company allows personal laptops, desktops, or phones for work.
"As we continue to access information in different ways, from different devices in different locations, security tools must be able to ‘protect everywhere’ – from desktops to mobile and smart devices and the cloud. But more importantly and oft-disregarded, cybercriminals will continue to stalk the easiest prey – security basics like patching and password management will remain a significant challenge”, said Mark Harris, vice president of SophosLabs.