New Symantec research released today has found that public confidence in the data security standards of various business sectors is shot to hell.

Unsurprisingly for a vendor looking to shift as many units of its data loss prevention solution as possible, the research paints a pretty grim picture. Of the 1,000 UK adults asked to rate their level of confidence on a scale of one to six, with one the most confident, banking came out top with 3, while retail, telecoms, transport and the public sector fared slightly worse.

Online retailers may have something to think about if this research is to be believed as they scored the worst, with a 3.7 average.

Symantec's senior product marketing manager for data loss prevention, Chi-Chi Liang, did a wonderful job of marketing Symantec's product for data loss prevention, by declaring that the low level of trust can be linked to an increasing number of high profile data loss incidents - many of which have been caused by simple employee error.

"The task for organisations in both countries is to win back customer confidence by reassuring them that world-class data loss prevention measures are in place," added Liang. We can't think whose DLP tools Ms Liang might be referring to.

To take a more glass-half-full view of this research though, isn't it more noteworthy that public confidence is still so high, despite the ever-increasing barrage of data loss incidents from public and private sector?

If most sectors scored around a 3, which is mediocre, then one could say public confidence is more resilient to media scare stories than we perhaps give it credit for.

October 28, 2009 | Permalink | Comments (0)

Microsoft's general manager of Internet Explorer and consumer security, Amy Barzdukas, used her keynote at the RSA Conference Europe show in London today to warn industry not to contribute to the gains of illegal scareware peddlers.

Aside from her other major theme, promoting IE8 as the best browser in the world ever, Barzdukas quite rightly pointed out that users need to be educated without being scared.

"We haven't struck the right balance of how to inform users without terrifying them," she added.

In the keynote following, Soca and FBI representatives highlighted just how lucrative a market scareware has become, pointing out several affiliates in scareware programs who are making in excess of $100,000 a month by profiting from the fear and lack of awareness of consumers.

Barzdukas also urged industry to better understand how consumers interact with computers and how they treat security warnings.

She used IE8, naturally, as a good example of how to minimise the risk of end users making the wrong decisions and ignoring security warnings presented on the screen in front of them.

She detailed features such as a pop up box which appears to warn users if they are about to download potentially malicious software. Instead of having a continue button the same size as a cancel instruction, the Microsoft team has worked to minimise the former, she said.

October 21, 2009 | Permalink | Comments (1)

Google is set to start sending out warnings to operators of infected sites in a bid to clean up the internet.

Possibly because it feels a bit like a taxi driver dropping its passengers off at some dodgy destinations, the firm will send snippets of code to webmasters, alerting them to problems on their sites and generally giving them a nudge in the 'clean up your act' direction.

The new information will appear as part of Webmaster Tools, a suite of tools provided by the firm. "In addition to helping the webmasters of sites with malware warnings, this new detail is also designed to promote the general health of the web," Google's Lucas Ballard said on the firm's online security blog.

"While we're excited to offer this feature, we caution webmasters to use the tool only as a starting point in their site clean-up process," he added.

"Google's scanners may not be able to provide malware samples in all cases, and the malware samples may not be a complete list of all the malware on the page. More importantly, we advise against simply removing the examples that are displayed in Webmaster Tools. If the underlying vulnerability is not identified and patched, it is likely that the site will be compromised again."

Webmasters have to be registered with Google in order to get nagged in this way. Form an orderly queue please.

October 14, 2009 | Permalink | Comments (2)

According to the latest internet security report from PandaLabs hackers are breaking all established records when it comes to the nefarious business of creating new threats.

The security firm said that it had recorded five million new strains of malware in just the last three months. Alarmingly most were banking trojans, the rest a mix of adware, worms, hacking tools and spyware. Trojans took a 38 per cent share of all infections, adware was responsible for 18.68 per cent, and worms 14 per cent. Country to country, Taiwan was found to have the most active infections, 29 per cent, but is closely followed by the US and the UK, which both have roughly 25 per cent.

The risk of infection continues to worsen, according to PandaLabs, which paints a bleak picture of the future. "We are currently receiving some 50,000 new examples of malware everyday, this compares to 37,000 just a few months ago. There is no reason to believe that the situation will improve in the coming months," explained Luis Corrons, technical director at PandaLabs.

PandaLabs said that crooks would throw almost every resource at their disposal in order to infect the maximum number of machines. It said that these varied from social networking attacks to search engine manipulation. The firm also fingered a few firms for exposing their users to potential risks. It called one of the vulnerabilities patched by Microsoft, 'Striking', and another, 'Alarming'.

What with all these risks out there PandaLabs suggests that users install some web security software. You shouldn't need to look too far to find a supplier of that.

October 1, 2009 | Permalink | Comments (0)