Corporate Security at Risk from Social Networks Claim Three Out of Four Businesses

BOSTON-- A report published today by IT security and data protectionfirm Sophos has revealed an alarming rise in attacks on users of socialnetworks, such as Facebook and Twitter, by cybercriminals.

Sophos’s “Social Security” investigation reveals that criminals haveincreasingly focused attacks on social networking users in the last 12months, with an explosion in the reports of spam and malware:

    * 57% of users report they have been spammed via social networking sites, a rise of 70.6% from last year
    * 36% reveal they have been sent malware via social networking sites, a rise of 69.8% from last year

“Computer users are spending more time on social networks, sharingsensitive and valuable personal information, and hackers have sniffedout where the money is to be made,” said Graham Cluley, seniortechnology consultant for Sophos. “The dramatic rise in attacks in thelast year tells us that social networks and their millions of usershave to do more to protect themselves from organized cybercrime, orrisk falling prey to identity theft schemes, scams, and malwareattacks.”

72% of Firms Worried Workers Behavior on Social Networks is Putting Their Business at Risk

Sophos surveyed more than 500 organizations*, and discovered that 72%are concerned that employee behavior on social networking sites exposestheir businesses to danger, and puts corporate infrastructure – and thesensitive data stored upon it – at risk.

The “Social Security” survey is just one part of Sophos’s 2010 SecurityThreat Report, which explores current and emerging computer securitytrends. It reveals that criminals identify potential victims on socialnetworks, and then attack them, both at home and at work. In Sophos’sopinion, many Web 2.0 sites are concentrating too much on growing theirmarketshare at the expense of properly defending their existing usersfrom Internet threats.

Facebook – The Most Feared Social Network?

Survey respondents were also asked which social network they believed posed the biggest security risk, with 60% naming Facebook:

    * 1. Facebook: 60%
    * 2. MySpace: 18%
    * 3. Twitter: 17%
    * 4. LinkedIn: 4%

“We shouldn’t forget that Facebook is by far the largest social network– and you’ll find more bad apples in the biggest orchard,” explainedCluley. “The truth is that the security team at Facebook works hard tocounter threats on their site – it’s just that policing 350 millionusers can’t be an easy job for anyone. But there is no doubt thatsimple changes could make Facebook users safer. For instance, whenFacebook rolled-out its new recommended privacy settings late lastyear, it was a backwards step, encouraging many users to share theirinformation with everybody on the Internet.”

Sophos’s Threat Report also reveals that 49% of firms allow all theirstaff unfettered access to Facebook, a 13% rise on a year ago.

“The grim irony is that just as companies are loosening their attitudeto staff activity on social networks, the threat of malware, spam,phishing and identity theft on Facebook is increasing,” said Cluley.“However, social networks can be an essential part of the business mixtoday, and the answer is not to bar staff from participating in them,but to apply some ‘social security’ instead.”

LinkedIn – Providing Hackers with Your Company’s Corporate Directory

Although LinkedIn is considered to be by far the least threatening ofthe networks, Sophos advises that it can still provide a sizeable poolof information for hackers.

“Targeted attacks against companies are in the news at the moment, andthe more information a criminal can get about your organization’sstructure, the easier for them to send a poisoned attachment toprecisely the person whose computer they want to break into,” explainedCluley. “Sites like LinkedIn provide hackers with what is effectively acorporate directory, listing your staff’s names and positions. Thismakes it child’s play to reverse-engineer the email addresses ofpotential victims.”

For further detailed information about the study, as well as exploringthe last 12 months of computer security threats and predicting emergingcybercrime trends for 2010, download the Sophos Security Threat Report2010.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the bestprotection against complex threats and data loss. Sophos is committedto providing security and data protection solutions that are simple tomanage, deploy and use and that deliver the industry’s lowest totalcost of ownership. Sophos offers award-winning encryption, endpointsecurity, web, email, and network access control solutions backed bySophosLabs – a global network of threat intelligence centers. With morethan two decades of experience, Sophos is regarded as a leader insecurity and data protection by top analyst firms and has received manyindustry awards.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
###

Learn Expert Advertising and Marketing Strategies for Starting and Building your Business. Click here.