[AfrICANN-discuss] In Poor Economy, IT Pros Could Turn to E-crime

[Anne-Rachel Inné]

In Poor Economy, IT Pros Could Turn to E-crime

http://www.pcworld.com/businesscenter/article/161851/in_poor_economy_it_pros_could_turn_to_ecrime.html

Jeremy Kirk, IDG News Service
 Tuesday, March 24, 2009 8:00 AM PDT

Enterprises increasingly feel their employees will be more willing to steal
data or sell insider knowledge due to the poor economy, according to an
annual security survey conducted by KPMG.

Sixty-six percent of respondents felt that out-of-work IT workers would be
tempted to join the criminal underground, driven in part by threats to
bonuses, job losses and worthless stock options.

The E-crime Survey 2009, presented at the E-Crime Congress in London on
Tuesday, surveyed 307 private companies, government organizations and law
enforcement agencies.

In the survey, KPMG said that fraud committed by managers, employees and
customers tripled compared to 2007, which indicates that the recession will
likely only exacerbate those problems.

Employees often have "super access" to sensitive company systems and know
those systems' weaknesses. It means that companies need to have strict
procedures in place for locking those individuals out once they no longer
work at an organization, the survey said.

The survey topped off a series of fairly gloomy presentations by security
experts on the state of Internet security. Those experts are still seeing an
exponential rise in the number of malicious software programs along with a
diminished effectiveness of antivirus software.

Figures released by security vendor Symantec show that more than 2.4 million
strains of malware exist, said Malcolm Marshall, a KPMG partner in IT
governance.

The security community could soon "face a potential meltdown in the way we
do e-business," Marshall said. That's due in part to IT professionals who
aren't patching systems, cybercriminals refining their skills and a lack of
security knowledge on the part of consumers, he said.

"We know that end users are broadly not sophisticated," Marshall said. "The
reality is we are seeing more sophisticated attacks aimed at sophisticated
people."

In other survey results, 45 percent of respondents who handle critical
national infrastructure said they are seeing an increase in the number of
attacks on their systems. Fifty-one percent of respondents from the same
category said the technical sophistication of those attacks is getting
better.

Sixty-eight percent said that of all kinds of malicious code they felt
Trojan horse programs -- ones that are designed to look harmless but can
steal data along with other functions -- had the most impact on their
businesses. Rootkits are the next highest concern, followed by spyware,
worms, viruses, mobile malicious code and, finally, adware.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.afrinic.net/pipermail/africann/attachments/20090325/d53ab34e/attachment.htm