Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Cisco annual information security report highlights

According to the security and networking company, as more organisations recognise that a presence on social networks is an absolute business requirement, the more at risk they are from a potentially devastating combination of minor vulnerabilities, poor user behaviour, and outdated security software.

Delving into the report reveals that social media experienced explosive growth in 2009.

Facebook alone, for example, tripled its active user base to 350 million over the course of the year. And social media adoption is expected to continue growing into 2010, especially as more organisations realise the value of social networks as an absolute business requirement, Cisco said.

The report noted that social networks have quickly become a playground for cybercriminals because members of these sites put an inordinate amount of trust in the other members of their communities and often fail to take precautions to prevent the spread of malware and computer viruses.

The annual security report also provided more information on what it called the potentially devastating combination of minor security vulnerabilities, poor user behaviour, and outdated security software that can dramatically increase risks to network security.

According to Cisco, the most audacious criminal operation in 2009 was Zeus, a trojan that delivers malware by targeted phishing and drive-by downloads.

Zeus, the report said, goes beyond login names and passwords to steal numerous online banking credentials. Affordable toolkits are enabling cybercriminals to create variants of Zeus that are difficult to detect by anti-virus programmes. During 2009, the Zeus botnet infected almost four million computers worldwide.

It's not all doom and gloom, however, as Cisco said that the Conficker Working Group - which is composed of members of the security community and industry - is credited with significantly muting the impact of the network worm Conficker, which was anticipated to wreak havoc starting on 1 April.

The most notable criminal innovation during the year was Koobface, a worm which regenerated itself, first appearing on Facebook in 2008, then Twitter in 2009.

Koobface, Cisco said, lures users into clicking a link for a YouTube video that launches the worm. More than 3 million computers have been infected by variants of this malware.

Patrick Peterson, a fellow with Cisco, said that the the blending of social media for business and pleasure increases the potential for network security troubles, and people, not technology, can often be the source.

"Without proper cognisance of security threats, our natural inclination to trust our `friends' can result in exposing ourselves, home computers and corporate networks to malware", he said.

"The value of social media is becoming acknowledged increasingly by businesses, but these same organisations need to provide the proper training and education to ensure that employees avoid compromising themselves and their businesses", he added.

Infosecurity notes that Peterson has highlighted the most interesting aspects of the report and posted them on YouTube.

What’s Hot on Infosecurity Magazine?