Even with the right policies in place, access to the Internet is now often a necessary part of many employees' daily routine. The risks can still be high, especially from drive-by attacks from visiting compromised websites, and links shared over insecure IM channels. Drive-by attacks are no longer the preserve of the shadier parts of the Internet. The majority of Web-based threats are blocked from legitimate or compromised websites, such as fake profiles on social networking sites and webmail services. A drive-by attack can result in spyware being installed on a machine, or worse still – malware leading to data loss.
Example: Psyme – A Trojan Downloader. By simply visiting a legitimate website that has been comprised by Psyme, a user can unknowingly become infected with spyware or some other type of malware, such as a botnet. This sample was downloaded by visiting a website accessed through a hyperlink shared over IM.
Security experts estimate that Conficker, a particularly malicious worm, targeting MS Windows, has already infected more than 7 million computers around the world. Last year, there was much hype that the Conficker worm would cause an April 1 meltdown, although security researchers said such fears were greatly exaggerated. Still, Symantec says the botnet could still "wreak havoc." But worms are not the only threat out there. As IT Business Edge blogger Mike Vizard explains:
"The problem is that the way we approach data security these days is largely defined by the way IT sees the world, which is through layers of horizontal products and technologies. What IT doesn’t really have a handle on is what specific individuals have access to what kind of information because they are associated with a specific business process or task." These are just some of the major threats that Symantec Hosted Services says are facing companies. Click through to view the top five security threats you should be on the lookout for.