Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
Perimeter ranks malware top of 10 info security threats
MILFORD, Conn. (1/15/10)--Perimeter E-Security, a CUNA Strategic Service and provider of information security services, has released its Top 10 Information Security Threats for 2010. “It is vital for companies to understand what they can do to best protect their systems and information,” said Kevin Prince, Perimeter chief technology officer. Perimeter’s top 10 threats are:
* Malware, which can be installed on systems through client-side software vulnerabilities. Browsers are a top target for vulnerabilities, Perimeter said. Malware was the second-highest ranked threat last year. For the first time, cybercrime exceeded drug trafficking, reported the FBI in 2009. * Malicious insiders. Many disgruntled and desperate employees have tried to exploit their employers or former employers. There is no way to completely eliminate the threat of malicious insiders, but good security policies can reduce incidents. * Exploited vulnerabilities, which lead to worms, viruses, malware and other attacks. Organizations need to improve their patch management, Perimeter said. * Careless employees. They can be categorized as careless or untrained; employees that are duped or fall prey to social engineering attacks; or malicious employees. Organizations should provide policies, procedures, training and technology to reduce threats generated by careless employees. * Mobile devices. Worms and other malware specifically target these devices and enlist them as botnets to steal data. Laptops are main culprits. Many are stolen every year and have sensitive data that would require public disclosure if there’s a data breach. * Social networking. Sites such as Facebook, MySpace and Twitter can be breeding grounds for SPAM, scams, scareware and other attacks. Personal safety also can be an issue, because the information individuals post on the site can be a “stalker’s dream come true,” Perimeter said. * Social engineering attacks, such as phishing. Beginning this year, domain names will be expanded to include Japanese, Arabic, Hindi and Greek characters, which will make it more difficult for users to determine if a domain is legitimate. * Zero-Day exploits, which occur when an attacker can compromise a system on a known vulnerability but no patch or fix exists. * Cloud computing Internet-based security threats. Many applications call for forced encryption to access “in the cloud” services. As cloud computing becomes more popular, security will be an issue. “Cloud” is a metaphor for the Internet. * Cyberespionage. Most incidents so far have involved government bodies and agencies, and haven’t been a threat to individual organizations. But because cyberespionage has large implications for government, it must be closely monitored.
In most cases, companies will have to implement new technology to prepare for threats. CUNA Strategic Services will offer a webinar, “Detect and Protect: Resolve to Fight Cyber Threats in 2010,” Jan. 27 at 1 p.m. CST. It features a panel of security experts, including Perimeter.
Other Resources

RSS print
News Now LiveWire
July 's Fed Bank's "FedFocus" has some interesting articles: incl cost/benefits of $1 currency 2 coin conversion ttp://
11 hours ago
Do you wish you were a News Now subscriber? Go here:
11 hours ago
Financial education for student body key part of Altura #creditunion, UC-Riverside partnership #NewsNow
12 hours ago
.@VTcreditunions gains 200 new FB followers in just 2 wks to reach 1,000
12 hours ago
.@CUNA is testifying on reg relief Tues,July 15 at 2 p.m. be4 Hs Fin Serv Subc. Here is the agenda and witness list:
15 hours ago