According to a study in 2009, Indian enterprises lost Rs. 58 lakh due to cyber attacks. This is set to increase further if companies do not take appropriate measures to protect themselves from various threats that lead to not just financial setbacks but also loss of crucial data.
Cyber criminals are using various means such as social networking and posting malicious links in instant messengers (IMs) along with spam mails.
With the increasing popularity of social networking sites, Symantec expects to see frauds being leveraged against site users to grow as well.
“Social engineering is already one of the primary attack vectors being used today and Symantec estimates that the number of attempted attacks using social engineering techniques is sure to increase in 2010. Third party applications were made a target of fraud on various social networking sites and the trend is expected to continue,” Symantec Vice President (India Product Operations) Shantanu Ghosh said.
In its Mid-Year report card, Symantec said more attackers are going directly after the end-user and attempting to trick them into downloading malware or divulging sensitive information under the pretence that they are doing something perfectly innocent.
As further validation that this trend is indeed developing, Facebook recently updated their application authorisation system in an effort to reduce the number of scams and misleading applications being propagated via their network, he added.
Now a user is informed when an application seeks permission to access the user’s basic information or to post on their wall.
This becomes more serious as many enterprises allow their employees to access social networking sites such as Facebook from the work premises. According to an early study by Symantec, 82 percent of the Indian enterprises surveyed allow employees to use Facebook at work.
“With the rise of polymorphic threats and unique malware variants in 2009, the industry is quickly realising that traditional approaches to antivirus solutions are not enough to protect against today’s threats. Instead, approaches to security that look to ways to include all software files will become key in 2010,” Symantec said.