Mobile, Social Networks Threaten IT: Symantec

In its mid-year security update, Symantec warned that IT managers face both old threats and new. Malware purveyors continue to use e-mail as a vector of infection, and spam now accounts for 90 percent of all mail, but the bad guys are also using new technologies such as social media and new business methods such as scareware to spread their reach.

The purpose of the mid-year report is to raise awareness about the problem. “If attacks are profit-motivated, they are taking advantage of all vulnerabilities, including human psychological vulnerabilities,” Zulfikar Ramzan, Symantec (NASDAQ:SYMC) Security Response technical director, told

“To the extent we can shore up the human factor by raising awareness, we make the Internet a safer place,” he explained.

But making the Internet safe for business is no simple task for the IT manager in 2009. “The IT manager’s job is not getting easier,” said Ramzan. “Attacks are getting more sophisticated and then there’s the problem of what the IT budget will look like in six to nine months. Life is not getting easier.”

New challenges

One new challenge is the incursion of home technologies into the office.
“It’s the consumerization of IT,” said Ramzan. “Individuals use ‘consumer tools’ on-site, making it more challenging for the security manager.”

Such tools include consumer mobile devices and also social networks, thus spanning the gamut from hardware to software. “Mobile has long been the next frontier for attackers,” said Ramzan. He added that no one operating system or tool dominates the space, making attacks less profitable than they would be in a monoculture.

He said that there have been few attacks so far, but that could change.
“Perhaps the adoption of the iPhone or another common technology may open up an opportunity for attackers,” he said.

Social networks, on the other hand, have been a security
for some time. Ramzan said that social networks are increasingly used as a conduit for attacks because messages sent through them are more likely to be trusted.

“If a message is coming from someone they know, users are more likely to do things that compromise their security,” he said.

“There is an imbalance between who causes the problem and who cleans it up,” he added diplomatically.

Old threats

Even as new security conundrums harass enterprise IT experts, worms and other old threats continue their assaults on corporate networks. “The reality is that these types of threats have not gone away, but have been overshadowed by profit-driven activity,” said Ramzan.

Users don’t need to do anything wrong, as cross-site scripting, comment spam with bad links, and poisoned ads can all make even legitimate sites risky. Some have argued that legitimate sites are riskier than the Web’s back alleys.

The issue of P2P software in the enterprise is not new, but the problem was highlighted recently by congressional testimony. It is a subset of a larger problem: that of unauthorized software in enterprise networks.

“Take, for example, a program that can view online videos. On the one hand, there are benefits. There could be lectures on topics relevant to the user’s work but maybe there are also videos that should not be viewed at work,” Ramzan said.

“We need to maximize productivity but not allow so much flexibility that corporate information assets are put at risk,” he added.

News Around the Web