The Small and Medium Businesses contribute to around 68% of the world economy while making up for 80% of the employment. The security needs, issues and priorities of SMBs are different in many ways from that of large Business Houses.
The Threat Scenario The Small and Medium Businesses contribute to around 68% of the world economy while making up for 80% of the employment. The security needs, issues and priorities of SMBs are different in many ways from that of large Business Houses. While big enterprises have a well defined security mechanism in place with dedicated personnel to look after it, in most SMBs the scenario is lesser organized, short-staffed and under equipped. They have a small number of IT staff who manages to give only a portion of their time towards the security aspect. Another major concern is the lack of user awareness owing to a significant presence of under experienced, part-time employees. A recent study by MicroWorld Technologies showed that security awareness is 45% lesser among staffs of smaller businesses in comparison with large enterprises. One knows small businesses work on stringent standards of Service and Product Delivery models adhering to tight deadlines, as client demands are always on the higher side. Business Continuity is a vital factor for Mid-size organizations in retaining the clientele and fostering relationships. Security breaches and Virus infections in the internal network of organizations can be quite detrimental for Business Continuity as they can bring down the entire network of an organization in a matter of few hours. Let's examine these threats in detail.
Virus, Trojan, Riskware and more Virus A typical computer Virus is a malicious program that destroys and alters files and folders, while replicating on its own. It usually attaches or inserts itself into an executable file or the boot sector of a disk. Network Worms This Malware spreads via P2P File Sharing, LAN, WAN and over the Internet using file sharing programs like Kazaa. A worm wriggling into a vulnerable computer of a large network will send requests to all other machines in order to propagate it. Trojan A Trojan refers to a program or a file that may look harmless otherwise, but carries a malicious component in it. Regular Trojans do not replicate on their own, but can be highly destructive, harm applications and threaten your Data Integrity. A MicroWorld study in September 2006 found that 31% of malware caught in SMBs belong to different Trojan families.
Trojan Downloaders This breed downloads other Viruses, Worms and Trojans into the victim's machine from the Internet. Often they turn off the AntiVirus and Firewall in the system before bringing in new malware! Trojan Clickers Trojan Clickers redirect victim's machines to specific websites or other resources on the Internet. They make this possible by tampering with Windows HOSTS file to reroute regular web requests towards websites they wish. Trojan Clickers are widely used in increasing the hit-count of specific websites or for launching Denial of Service (DOS) attacks. Pharming Trojans This breed is similar to Trojan Clickers and is used in a dangerous attack called 'Pharming'. When an employee from your company's Finance Department accesses the website of the official bank to do a business transaction, he could unwittingly open a spoof website created by scamsters, where he gives away confidential financial information. They do this by making changes in the DNS settings. Keyloggers Keyloggers remain silent in a compromised computer and capture usernames and passwords when a user logs on to the websites of Financial Institutions, Banks and Credit Card Companies. The Information thus stolen is mailed to the author of the Malware. Some of the more evolved ones can take screenshots and capture mouse clicks too. This malicious code is a core component in Password Stealing Trojans. Keyloggers can pose a dangerous threat to the Data Integrity of SMBs. If they manage to steal the email ID and password of a senior executive, all of his or her mail communication can be spied on, day in and day out. Backdoor This Malware is hooked into the victim's system by an intruder, in order to gain Access and Control of it. IRC (Internet Relay Chat) channels are widely used by Backdoors to connect to the attacker and take orders from the criminal sitting in his far away hideout, perhaps in the mountainside Russia! Using the B... [download for more]
