Size doesn’t matter when it comes to protecting against online attacks

Figure 1 – Average number of targeted attacks blocked by per day by company size.

Lately it seems rare to read a technology section and not see a story about a targeted online security attack. With Stuxnet, Duqu and now Flamer making big headlines, targeted attacks have become common house-hold names.

MessageLabs Intelligence Senior Analyst, Symantec Hosted Services
Paul Wood, Cyber Security Intelligence Manager, Symantec Corp.

What is interesting to note is that targeted attacks aren’t always aimed at the big guys.  The latest intelligence report from Symantec found that targeted attacks on SMBs are increasing.

While larger organizations continue to be the primary aim of targeted attacks, there has been a significant shift towards smaller companies over the last six months. More than 36% of all targeted attacks are aimed at small companies, compared to 18% at the end of 2011. In fact, when looking at the trends month-by-month, there appears to be a direct correlation between a rise in attacks against small companies and a drop in attacks against larger ones. Attackers could very well be diverting malicious resources directly from one group to the other.

This shift could be based on a perception that smaller business may be an easier point of entry. Without dedicated IT security staff, smaller businesses could be seen as a weaker link in the supply chain – less effort for bigger gains. For instance, an email that appears to come from a trusted contact, (in reality a spoofed from address), could find itself automatically forwarded on to business contacts or partners. These contacts could then open the email, installing the malware on their computers.

Protect yourself

As spammers and malware authors adapt their strategies, it’s important for users to follow best practices and use security solutions from trusted vendors. Before downloading music or video files or opening an attachment to an email message, Symantec recommends the following best practices:

1. Get ready: Strengthen your computer’s defenses with:

  •  Firewalls
  •  Antivirus protection
  •  Software updates
  •  Email spam filters

2. Download with caution: Think first. Click later.

  •  Beware of fraudulent email messages
  •  Only download from reputable sites
  •  Install and use file-sharing programs cautiously
  •  Save files for safer downloads

3. Remove malicious software – Sometimes, despite your best efforts, you may download a program you don’t want:

  • Run antispyware tools
  • Run the malicious software removal tool
  • Disable add-ons

Other highlights from the Symantec Intelligence Report: June 2012

  • Spam – 66.5 percent of total email in Canada (a global decrease of 1 percentage point since May 2012)
  • Phishing – One in 332 emails identified as phishing in Canada (a global increase of 0.04 percentage points since May 2012)
  • Malware – One in 271.3 emails contained malware (a decrease of 0.04 percentage points since May 2012)

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Latest Blogs

ITB in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.