McAfee released a report today showing that incidents of malware (malicious software) reached its highest levels ever in the first half of 2010. The company identified 6 million malicious files in the second quarter, making for a total of 10 million malicious files over the first six months of the year. Among the most common attack vectors were attacks targeted to social media users. Password stealing Trojan horses — commonly used used in online bank thefts — were among the most common payloads.
The report reconfirms everything we’ve been saying since we began our blog 18 months agoThere has been a sea change in cybercrime. Threats are more sophisticated than ever, weaknesses and vulnerabilities abound. Defenses have not kept pace.
The report is a reminder to every organization to take a critical look at its defenses — everything from policies and employee awareness training to modern intrusion prevention systems. It needs to make sure it’s employing a cost-effective defense-in-depth strategy covering all three critical information security management domains:
- Corporate security management
- Security management of the IT infrastructure
- Point-in-Time security of the IT infrastructure
It’s also a time to talk to your attorney and your insurance broker. Your attorney can make sure you’re aware of your legal responsibilities and can provide counsel on sharing sensitive information with 3rd parties. Your insurance broker can help you mitigate some of your security risk through cyber-insurance policies.
Thanks to Terry Corbell for alerting us to this story.