Information threat horizon a major cause for concern

Davey Winder
Wednesday, 25 June 2008 04:32

Your IT - Home IT

One of the world's leading independent authorities on information security has warned that malicious threats from organised crime as well as industrial espionage are on the up. Throw in mobile malware and Web 2.0 vulnerabilities and the threat horizon looks very grim indeed.

The Information Security Forum can count amongst its members some 50 percent of the Fortune 100, and 300 of the world's largest business and public sector organisations. It has released a report, Threat Horizon 2010, which highlights the trends impacting upon the security landscape. Unfortunately, this does not make for happy bedtime reading.

However, the predictions of groups such as the ISF are vital if the challenges facing IT security professionals in the coming years are not only to be understood but also met head on.

Perhaps the most worrying observation is that the ISF is seeing a definite shift away from what you might call indiscriminate security events. The move is toward the highly targeted, scrupulously planned, attacks that have the fingerprint of organised crime groups all over them.

Indeed, the ISF warns that these organised crime outfits are now developing ever more sophisticated business models, for want of a better term, which aim to extort the e-economy and aid their core money laundering processes.

"Criminal groups now see online crime as a lucrative and low risk alternative to robbing a bank," says Andy Jones, a Senior Research Consultant at the ISF and the report's author. "And with the problems of protecting large volumes of sensitive information held in organisations electronically, businesses are also under the increasing threat from targeted espionage and the loss of competitive advantage or intellectual property."

Another trend on the move, aptly enough, is that of mobile malware. This has not been helped by the fact that, at least as far as security is concerned, mobile devices are still pretty immature. They certainly do not tend to have the same level of anti-virus or security control that you see on the desktop or laptop. Yet they increasingly carry the same type of data, and boast the same type of connectivity.

The ISF predict that there is an inevitability that the growing trend of mobile and remote working will attract new forms of mobile malware designed, for example, to create fraudulent payments or denial of service attacks.