RSA Europe 2013: SMB Websites More Toxic than Pornographic Sites says Symantec

Special interest sites and small business websites are often the victim of neglect, due to their creators “setting them up and then leaving them unpatched.” The incentive to secure these sites is often lacking, Sian John told Infosecurity.

On the other hand, the commercial nature of pornography sites incentivises the business to ensure sites are secure and well patched. “It’s in their best interest to allow users to consume their product without disruption.” Customer loyalty, she said, is important to pornography sites, and as such, preserving their anonymity is crucial.

“A data breach could be very embarrassing to site users, and would deter their use of the service. [Pornography businesses] take this very seriously”, she explained. IT and IT security staff are also paid a higher wage within the pornography business, said John, “and adult sites often offer prizes for finding vulnerabilities”; one of many contributing factors to why John believes malware and vulnerabilities are more prevalent on SMB sites.

The Mobile Threat

Mobile threats have becoming increasingly concerning, said John. “We’re becoming more connected and [cybercriminals] exploit that. For some reason, people don’t practice the same security that they do on a laptop on their tablets or their phones”.

Statistics from the Symantec mobile threat report support John’s belief. In a survey of 13,000 people, 90% said they would not open a suspicious file on a PC, but only 60% said they would exhibit the same caution on a tablet and 56% on a smartphone.

According to John, the biggest corporate mobile threat is losing an unprotected device without a password. “Mobile threats are still fairly immature but they’re making money.” People, said John, are still your biggest risk, and they are difficult to patch.

According to the survey 38% have experienced mobile cybercrime in the past year and 12% have had their social networks hacked.

“Users need to take the lessons learnt on PCs and apply them to their mobile devices and social media”, concluded John.



What’s Hot on Infosecurity Magazine?