Employees open enterprise to increased malware

Tuesday, 02 November, 2010

RSA has today released the findings from its Online Fraud Report, which show the presence of malware on corporate computers is increasing as a result of employees accessing personal email accounts and carrying out personal business while at work.

The dual use of corporate computers for personal and business activity opens the door for trojan infections on corporate-issued endpoints and the opportunity for cybercriminals to capture additional data such as VPN credentials, enabling access to corporate applications including webmail accounts and CRM resources. As a result, organisations are facing an increased risk of data loss.

“Little attention has been focused on the crossover impact and potential risks malware could pose to the enterprise,” said Ian Farquhar, Senior Technical Consultant at RSA, The Security Division of EMC.

“The reality for security managers - particularly for organisations that issue laptops to employees - is they have little visibility into the online activities conducted by their employees when they are disconnected from the network. The level of risk increases significantly for organisations which allow anytime, anywhere network access - and even more when partners and other third parties are granted access privileges.”

The sites known as the 'usual suspects' - pornography, gambling and pharmaceuticals - remain the most likely avenues for infection. However, fraudsters have invested considerable effort in exploiting legitimate sites including popular news sites, social networks and celebrity fan pages to increase the volume of infection.

The Online Fraud Report findings include:

  • RSA identified 16,274 worldwide phishing attacks in September, a 9% decrease from August.
  • 178 brands were attacked in September, an 18% decrease from August (216). This is the first time in over a year that the number of targeted brands dropped below 200.
  • The US hosted the most phishing attacks in September (61.5%) with South Korea hosting 7%, an increase of 2% from August. Australia hosted 3.5%. The countries consistently hosting the largest portion of phishing attacks within the past six months are the US, UK, Germany, Canada, Australia, France, South Korea and Russia.
  • The volume of phishing attacks suffered by the US dropped 5% and the UK dropped 3%. The volume of phishing attacks in China increased by 3% in September. Australia was not listed in the Top 10 Countries by Attack Volume.
  • The US, UK, India and Canada were the countries with the highest portions of brands targeted by phishing in September. 3% of brands targeted in September were Australian brands. In the past six months, the countries that have consistently had the highest number of targeted brands have been the US, UK, Italy, Canada, India, Australia and South Africa.