Whether its spyware hidden amidst a seemingly innocuous download, a “spoofed” social networking identity, or phishing emails that gain access to valuable information, web and email-based security threats are more advanced and more covert than ever before. Learn how MessageLabs integrated web and email security services protect your business.
WHITE PAPER
Tangled Web: Undercover Threats,
Invisible Enemies Mark Sunner, Chief Security Analyst, MessageLabs
The Secret War crucial danger points for any business that doesn't defend itself The enemy you can't see is usually the hardest to ? ght. And it's adequately against undercover threats and invisible enemies. the adversary who doesn't operate out in the open that can often But it also outlines a ready-made solution that can protect your do the most damage. They move in the shadows, constantly business, immediately, comprehensively and cost-effectively. changing tactics and repeatedly altering their point of attack. Elusive and dangerous, they may emerge brie? y from their cover The information presented here is based on MessageLabs - only to vanish again just as quickly. hands-on experience of providing proven messaging and web security management services for over 17,000 clients worldwide, The world of messaging and web security has seen striking with around 2.5 billion attempted Simple Mail Transfer Protocol growth in just this type of activity. Anonymity, deceit and (SMTP) connections processed every day on their behalf.subterfuge are now established weapons in the arsenal of the "bad guys" targeting organizations like yours with pro? t-reducing malware, spam and scams. Increasingly, this enemy's ultimate Spyware: Agent of Chaosaim is to access intellectual property and other con? dential data Perhaps the best-known example of an undercover threat is - just the sort of information you can't afford to fall into the wrong spyware, which ? rst appeared around ? ve years ago. Essentially, hands. Now motivated by commercial gain rather than pure spyware is software that gets onto a computer's hard drive malice, these masters of disguise pose a greater threat than ever without the user's explicit and knowing agreement. In some to the health of your business. cases, "permission" for spyware to install itself is buried deep in the small print of a licensing agreement. In other cases, Long gone are the "good old bad old days" when threats permission is not given at all. generally had an instant and obvious effect - when many businesses simply warned employees not to click on dubious- Once installed, the spyware secretly tracks the computer user's looking email attachments in case their computers became web browsing behavior, logs websites visited and passes this infected with a virus or some other unwelcome visitor. Today we information on to advertisers - all with the consummate skill of a are seeing a rising tide of dangers that are more cunning, harder professional pickpocket. The computer then ? nds itself ? ooded to pin down and much more dif? cult to defend against. with a torrent of irritating pop-up advertisements; pricelists, etc., broadly related to the user's browsing behavior. Hence the Many of these attack computers without their owners or users other name commonly given to spyware - "adware". The user, ever knowing it, often as a result of visiting an innocuous-looking meanwhile, remains oblivious to the fact that their machine has website. Another key trend is the delivery of malware via "bad" been infected. Pop-ups are a common feature of the electronic weblinks rather than the traditional email attachment - a rapidly landscape, so it's not always obvious when spyware is to blame escalating trend that is proving a more ef? cient (and ultimately for their appearance.more lucrative) way for the bad guys to realize their objectives. And much of the time those objectives involve the secret pilfering Spyware usually gains access to a computer by camou? aging of business-critical information from your organization. itself among other software (e.g. a free screensaver or a music ? le) which the user has agreed to download. Ironically, it's often Examining recent developments in the threat landscape, this concealed in downloadable software claimed to be "spyware-MessageLabs whitepaper focuses on the emergence of the web free" or "adware-free" - and even in many "anti-spyware" and covert information-gathering as key battlegrounds in the applications! As for the actual delivery mechanism, this may ongoing war against malware propagators and the criminal gangs be an email attachment, but weblink/website downloads have increasingly active in this ? eld. Above all, the paper highlights the increasingly become the spyware gangs' weapon of choice.
WH... [download for more]
