Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Risky Employee Behavior on Web Threatens Corporate Networks

    By
    Brian Prince
    -
    January 17, 2007
    Share
    Facebook
    Twitter
    Linkedin

      Research by FaceTime Communications has found risky Internet activity by employees poses an increasing threat to network security for corporate enterprises.

      While the number of unique malware instances was down last year when compared with the 2000 identified in 2005, FaceTime researchers warn todays malware is stealthier, more complex and harder to identify and defend against. According to an analysis of threats tracked or identified by FaceTime Security Labs, 1,224 unique threats on “greynet” applications— programs that network users download and install on their computers, usually without the knowledge of their IT department—were reported in the past year, with attacks over peer-to-peer networks increasing by 140 percent over 2005 levels and multichannel attacks jumping to 29 percent of all attacks in 2006 from 18 percent the prior year.

      “The numbers alone dont tell the story,” said Chris Boyd, director of malware research at FaceTime Security Labs, in a statement. “The sources of the most insidious threats we identified in 2006 are not the glory-hungry hackers of yesterday. These are cyber-criminals and click-fraud experts who are well-funded, extremely savvy, and their M.O. is to stay in the background and collect as much information as they can before moving on to the next target.”

      But the doorway to critical data is sometimes opened unwittingly by employees as they introduce greynet applications onto the corporate network without the sanction of their IT department, FaceTime officials said. According to the companys Second Annual Greynets Survey, 39 percent of users believe they should be allowed to “install the applications they need on their work computers,” independent of IT oversight or policy, while 53 percent of users report they “tend to disregard” company policies that govern greynet usage, specifically IM and peer-to-peer file sharing.

      /zimages/4/28571.gifIM malware attacks are on the rise. Click here to read more.

      Meanwhile, the study found 80 percent of IT managers are at locations that have experienced greynet-related attacks within the last six months.

      “Despite myriad security technologies employed by enterprise IT managers to block malicious attacks, the user is often the biggest vulnerability, especially on the real-time, socially-networked Web” said Frank Cabri, vice president of marketing for FaceTime, in a statement. “In 2007, the biggest security risk for organizations is likely to be their own users, as employees install consumer-oriented greynet applications onto their workplace computer faster than the IT team can keep up with the corresponding controls.”

      The motive of the purveyors of malware is largely financial, with the major malware discoveries of 2006 all pointing toward botnets designed to gather personal or banking data for malicious means, FaceTime officials said.

      Researchers also outlined some of the top security threats of 2006, including an incident in March when the “Carder” botnets—collectively representing up to 150,000 compromised computers—used a custom-built Perl script to fraudulently scan desktop and back-end systems to obtain credit card numbers, bank accounts and other personal information. The operators could potentially launch these scans from any computer on the botnet to mask their actual location, FaceTime officials said.

      “It is more important to understand that, although major network disruptions dont seem to result from malware attacks propagated via IM, the sophistication, complexity and stealthy behavior of these threats make them far more dangerous, ” Boyd said.

      Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.

      Brian Prince

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×