informa
/
3 MIN READ
Commentary

Cybercrime Growth Accelerating

SonicWall's mid-year threat report indicates across-the-board growth in cybercrime trends with Web- and cloud-based attacks looming dangerously large and growing larger fast.
SonicWall's mid-year threat report indicates across-the-board growth in cybercrime trends with Web- and cloud-based attacks looming dangerously large and growing larger fast.Security firm SonicWall's mid-2010 threat assessment shows just how quickly the crooks are moving to exploit the Web and the cloud.

Web-based attacks, for instance, have grown from 4% of attacks in 2009 to 45% of attacks in the first half of 2010.

That level of growth reflects, of course, where the crooks' targets are. As we and our businesses live more and more constantly on the Web, with our data and our tools increasingly resident in the cloud, it's hardly surprising that crime will move there as quickly as it can.

Traditional attack vectors and threat-types are benefiting -- if that's the word -- from the acceleration. SonicWall reports that instances of malware detection grew 300% in the first six months of the year, "from 60 million to approximately 180 million" detections.

Much of this is inevitable -- with the exception of large swaths of the economy, everything is speeding up, and cycbercrime is hardly likely to be an exception.

While VPN and mobile threats/vulnerabilities are getting increasing attention from the crooks -- and from security firms, as SonicWall's recent expansion of its remote access management tools shows -- it's important to bear in mind that no matter how ascendant the new vectors become, the old familiar threats remain a danger.

Growth rates for phishing and spoofing, in particular, have hardly diminished, and their approaches remain both effective and predictable, with phony account notifications and headline-based subject lines topping the list.

Tax scams too are spreading, with fake tax audit/inquiry phish-cons starting to show up in large numbers in India, Australia, Canada and China.

What are you going to do?

The temptation, every time a new set of uptrending cybercrime numbers is released is to ask that question and call it quits with a shrug right there: "Cybercrime's growing fast -- what're you going to do?"

Sadly, too many small and midsized businesses -- and no few enterprises, or at least work areas within the enterprise -- do essentially that, accepting cybercrime growth and new threat vectors as a fact of life.

Which they are.

But it's also a fact of life that many of the most easily exploited targets of these threats are our business, our customers and our employees not just because that's "where the money is" but also because the crooks know just how ill-prepared so many

Whether through lack of security education and formal policies, failure to take even basic security precautions, lack of even automated patching much less a formal patch policy and more -- we're making it far too easy for the threats to multiply and the crooks' takes to increase.

It would be nice to see some threat statistics from SonicWall or another security company that show, for instance a 300% increase in the number of security and usage policies in place among SMBs.

Probably we shouldn't hold our breaths for that one, though.