Home | About Us | News & Events | Our Solutions | Products | Resource Center | Contact Us | Client Portal | FAQs | CSR | Support
Messagelabs africa
     
  Need to protect email and your network now........ Sign up for free trial  
     
     
  Domain/web Hosting  
escan antivirus
Web Design
     
     
  Sangari  
     
     
  NetFilter Firewall  
     
     
  Eldura  
     
     
 

News


The information can then be used to make illegal transactions, stealing from the spam recipient or from the business that has been used as bait. Or it can be on-sold to another criminal organization.

Another example of a multi-vector attack at its most extreme centers around the installation of spyware, ranked as the second worst threat to enterprise network security in IDC’s 2005 Enterprise Security Survey, and estimated by IDC to account for up to 30% of all helpdesk calls, with 67% of all computers having some form of spyware – in most cases, multiple programs.
Spyware is any software application that secretly gathers information about the computer user and sends it on to another user via the internet. Users can unknowingly download spyware from websites, through file attachments or through ‘auto-install’ applications. Traditional antivirus solutions cannot detect spyware, as they cannot ‘catch’ the self-propagating properties of spyware.

Spyware can simply cause annoyance and lost productivity through pop-up ads, consuming bandwidth and draining IT resources – or it can be put to devastating use by cyber criminals. In many cases, staff frustrated and annoyed by continual pop-ups generated by spyware, download pop-up blockers which themselves contain malware.

In some multi-vector attacks, spyware that secretly installs a keystroke monitor is distributed via spam. The keystroke monitor forwards everything that is typed on the keyboard to the criminals. Passwords, account details, credit card numbers, usernames and file data are all automatically collected, on a massive scale.

With an even greater potential to cost business dearly, some spyware can interrogate the system on which it’s lodged, opening confidential files and uncovering network passwords –
placing at risk an entire corporate intellectual property, as well as lost productivity and the time and cost of disinfecting a network.
While there is anti-spam and cyber crime legislation in some developed countries, most developing countries like Kenya has no legal frame work to handle cyber crime cases, in fact most existing legal controls have limited effect as most spammers use off-shore email domains to transmit spam, and illegal techniques like address spoofing, Trojans and the bot-net to conceal their identity.

The only real answer is for all businesses, large and small, to implement a cost-effective and multi-layered approach. The first essential step is the installation of real time protection at the Internet server and desktop levels. Taking control of your network at the Internet level is the best known way for dealing with the current wave of cyber crime, since most of your data will be protected at the internet level sealing your network off the hackers. Secondly, the introduction of a coherent and enforceable email and Internet security policy to enforce practical measures to guard against damage to the information communication system. The third and final step is critical, yet often neglected. All employees and users need to be educated about information security on an ongoing basis. Security rules will not be kept without ongoing, active review and staff training. Staff also needs to be reminded that their email and internet use can be monitored, so they can protect their own privacy.

Page 5 of 9 <<prev next>>

 
     
 
 
  Contact US | Private policy | Terms and Conditions | © 2009 MessageLabsAfrica