Much has made recently of the “insider threat” and how it can affect an organization’s data security. But which is really a bigger threat to your organization? A hacker or a disgruntled employee with access to the company’s confidential data?
The answer might surprise you. Although the intent of a hacker is generally more insidious (stealing your banking log-in, for example), the insider threat is actually more costly simply due to an employee’s access to company data.
A recent survey, “2011 CyberSecurity Watch Survey” found that, although there are more instances of cyber threats, their overall cost is less than that of an insider-caused data breach. The survey concluded that more attacks (58%) are caused by outsiders (those without authorized access to network systems and data) versus 21% of attacks caused by insiders (employees or contractors with authorized access)… however 33% view the insider attacks to be more costly.
Click here for the full story at SecurityWeek.
Data Security
In this BankInfoSecurity interview, a lead administrator of the ACH network discusses how cyber-criminals are targeting corporate bank accounts:
it’s a type of identity theft really in which cyber thieves gain control of business’ bank account by stealing the business’ valid online banking credentials. So these credentials are stolen through malware that is installed on a computer, and it can happen in a few different ways. So among those ways could be infected documents that are attached to an email, and the business clicks on that email that document, or a link contained within the email that connects to an infected website. Or a business could use an USB port, a flash drive, so they put the flash drive that has been infected into the USB port.
Once the credentials are stolen, the thief has access to online bank accounts and can fraudulently transfer funds out of the country. This may explain why USB autorun trojans are now the biggest malware threat worldwide according to a recent McAfee study.
Data Security
The trojan Generic! Atr, which spreads via USB devices, is the most common malware issue worldwide according to a new report from McAfee released today. A second virus that targets removable devices is currently in the No. 3 spot. The popularity and portability of USB memory sticks has made them a favorite for hackers. People unwittingly spread the malware every time they plug into a new machine.
Kanguru has integrated Anti-malware protection directly into the Defender Elite flash drive to reduce these threats. Using Bit Defender’s AV engine, the Defender Elite will scan files in real time as they are transferred to the device. The flash drive can also be used to disinfect the host computer.
Data Security, Malware, Portable Storage
Kanguru is pleased to announce a new technology partnership with anti-virus provider BitDefender. Read the full announcement.
BitDefender is a global leader in virus and malware protection. The company’s products have won numerous awards and recognitions, including a #1 rating in protection from Consumer Reports in 2008.
Kanguru and BitDefender are teaming to provide onboard anti-virus scanning on the Defender Elite encrypted USB drive. All files stored on the drive are scanned to prevent malware from spreading through USB ports. Kanguru is including a 1-Year subscription with every purchase of the Defender Elite.
Data Security, Malware, Portable Storage
A new report from Microsoft highlights the threat from malware that automatically loads from USB flash drives.
The Washington Post Security Fix has a good summary:
In its latest “Security Intelligence Report,” Microsoft counted the number of threats detected by its anti-malware desktop products, and found that the Conficker worm, along with a Trojan horse program called Taterf which steals passwords and license keys for popular computer games, were detected on 5.21 million and 4.91 million Windows computers, respectively.
Kanguru takes the autorun threat very seriously and is designing its secure flash drives to counter the risk. The Defender Elite encrypted flash drive features a secure vault that launches Kanguru’s encryption application. The vault cannot be altered by hackers or used to launch autorun attacks. In addition, Defender Elite will soon feature an onboard anti-virus/anti-malware scanner that will check all files that are stored on the device.
Data Security, Portable Storage
From The Globe and Mail:
According to the study, IT security breaches – everything from viruses to intellectual property theft to abuse by employees – cost the average Canadian organization $834,149 in 2009, almost double the amount reported in last year’s study. The average number of reported IT security breaches also soared to 11.3 per organization in 2009, compared to three per organization in 2008.
Part of the increase was attributed to smaller IT budgets and the economic downturn. The increase in reported incidents may also mean that companies are doing a better job of detecting breaches. Insider threats were the fastest growing catagories.
Data Security, Malware
London Evening Standard: A computer virus crippled a London council for weeks after a worker accidentally plugged an infected memory stick into a computer. The emergency recovery has cost £501,000 (~ $820,000) thus far.
Lib-Dem councillor Gary Malcolm, who is also an IT specialist, said: “I will be calling for heads to roll. Half a million pounds is a hell of a lot of money to throw away at a time the council says it is strapped for cash. If this had happened in a private company, people would be sacked.”
USB flash drives are a popular vehicle for delivering malware onto computer networks and the threat needs to be taken seriously. This incident is similar in nature to last week’s mysterious laptops that the FBI is now investigating.
Defender Elite, the next generation secure drive from Kanguru, will feature onboard anti-virus scanning to prevent malware from getting anywhere near your USB ports.
Data Security, Government, Malware, Portable Storage
More information on how to prevent or recover from auto-run malware on USB flash drives:
Wiz’s Computer and Website Security Blog
Data Security, Malware
Follow us on Twitter