1
6 NOVEMBER/DECEMBER 2009 News Security holds back cloud adoption A report from Forrester Research claims to show that concerns over the security of cloud computing are preventing many companies from considering the adoption of the technology. The worries are sufficient to hold back companies from the pay-per-use hosting model of virtual servers, the IT research firm said. The report – Forrester’s Q3 Enterprise And SMB Hardware Survey, North America And Europe – found that 49% of survey respondents from enterprises and 51% from small and medium-size businesses (SMBs) cited security and privacy concerns as their top reason for not using cloud computing. The survey of more than 2200 IT executives and technology decision-makers in Canada, France, Germany, the UK, and the US concluded that cloud computing adoption is lagging. Fake virus, worm and malware alerts target online shoppers Online shopping is soaring as we get closer to Christmas, and criminal malware authors are now targeting e-shopping in earnest with a variety of attacks, according to IT security vendor Webroot. One of the latest types of attack methodologies involves fake virus and worm alerts, which malware authors have been refining since they first appeared in a basic form earlier in the year, Webroot said. According to Andrew Brandt, a security researcher with the IT security vendor, the malware authors behind this fraud have been honing their skills and working to push their malicious web pages higher in the search rankings for some time. “Victims experience a computer that appears to be out of control, seemingly unable to do anything but download whatever application the fake alert forces upon them”, said Brandt in a security blog posting. The good news, he said, is that it is not hard to avoid these fake alert sites, but users have to be on constant alert and carefully scrutinise the results of any security scan warnings that appear on their computer screens before they click on a link. Because of these issues, Brandt advises users to “sweep before you shop” and always scan your computer with a fully updated anti-virus and anti-spyware application before you even get to the order form on your favourite shopping site. “When in doubt, kill your browser: If you do happen to find yourself sucked into a fakealert vortex, don’t click anywhere in the browser window. If you know how to use the task manager to terminate the browser application, you can do it that way”, he adviced. McKinnon may get judicial review of case UK Home Secretary Alan Johnson has revealed he is considering granting UFO hacker Gary McKinnon extra time to apply for a judicial review of his case. The hopes of McKinnon – who has Asperger’s syndrome – were dashed in November when the Home Secretary said that the extradition would probably go ahead within the next week or so, causing his solicitor, Karen Todner, to announce plans to appeal to the European court of human rights. It now transpires that the Home Secretary – who had originally decided the government will not intervene in the case of McKinnon last week – is reconsidering his position. He told the House of Commons he is now considering a request from McKinnon’s legal team to extend the seven-day period they have to apply for a judicial review until 17 December. Infosecurity noted that, for the first time, the Home Secretary conceded there are legitimate concerns over McKinnon’s mental health, but he said this did not prevent the hacker from being extradited to the US to face the charges. IN BRIEF Bit.ly secures URLs Bit.ly is phasing in three security features. The first is VeriSign’s iDefense IP reputation, which blacklists domains known to contain exploits, malware and other internet security problems. The second is the Websense Threatseeker Cloud, which analyses the content being routed to by a Bit.ly URL and, using real-time analysis blocks any suspicious activity. Sophos provides the third service, which provides a behavioural analysis facility looking at users’ activities on the Bit.ly service and pro-actively looks for malware and spam. IBM scoops up Israel’s Guardium IBM is reported to be acquiring Guardium, the enterprise database security specialist, for $225 million. Guardium, a subsidiary of Log-On Software, supplies database applications protection. IBM said it plans to integrate Guardium within its information management software portfolio. Employees happy to steal data A survey of office workers in London and New York has concluded that around one in three would cheerfully steal their employers’ computer data to help a friend find a job. The survey – which took in responses from around 600 office workers in the two cities – also revealed that 41% of workers had already taken sensitive computer data from their former employers to their new job. Furthermore, it found that 57% of respondents said that it has become a lot easier to take sensitive computer information from under their bosses’ noses this year – up from 29% last year. 32% of people surveyed revealed that they would do their utmost to take a peek at an office redundancy list to find out if their name was on the schedule.

Security holds back cloud adoption

  • Upload
    vuque

  • View
    213

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Security holds back cloud adoption

6 NOVEMBER/DECEMBER 2009

News Security holds back cloud adoptionA report from Forrester Research claims to show that concerns over the security of cloud computing are preventing many companies from considering the adoption of the technology. The worries are sufficient to hold back companies from the pay-per-use hosting model of virtual servers, the IT research firm said.

The report – Forrester’s Q3 Enterprise And SMB Hardware Survey, North America And

Europe – found that 49% of survey respondents from enterprises and 51% from small

and medium-size businesses (SMBs) cited security and privacy concerns as their top

reason for not using cloud computing.

The survey of more than 2200 IT executives and technology decision-makers in Canada,

France, Germany, the UK, and the US concluded that cloud computing adoption is lagging.

Fake virus, worm and malware alerts target online shoppersOnline shopping is soaring as we get closer to Christmas, and criminal malware authors are

now targeting e-shopping in earnest with a variety of attacks, according to IT security vendor

Webroot.

One of the latest types of attack methodologies involves fake virus and worm alerts,

which malware authors have been refining since they first appeared in a basic form

earlier in the year, Webroot said. According to Andrew Brandt, a security researcher with

the IT security vendor, the malware authors behind this fraud have been honing their

skills and working to push their malicious web pages higher in the search rankings for

some time.

“Victims experience a computer that appears to be out of control, seemingly unable

to do anything but download whatever application the fake alert forces upon them”, said

Brandt in a security blog posting.

The good news, he said, is that it is not hard to avoid these fake alert sites, but users have

to be on constant alert and carefully scrutinise the results of any security scan warnings that

appear on their computer screens before they click on a link.

Because of these issues, Brandt advises users to “sweep before you shop” and always

scan your computer with a fully updated anti-virus and anti-spyware application before you

even get to the order form on your favourite shopping site.

“When in doubt, kill your browser: If you do happen to find yourself sucked into a

fakealert vortex, don’t click anywhere in the browser window. If you know how to use the

task manager to terminate the browser application, you can do it that way”, he adviced.

McKinnon may get judicial review of caseUK Home Secretary Alan Johnson has revealed he is considering granting UFO hacker Gary

McKinnon extra time to apply for a judicial review of his case.

The hopes of McKinnon – who has Asperger’s syndrome – were dashed in November

when the Home Secretary said that the extradition would probably go ahead within the

next week or so, causing his solicitor, Karen Todner, to announce plans to appeal to the

European court of human rights. It now transpires that the Home Secretary – who had

originally decided the government will not intervene in the case of McKinnon last week – is

reconsidering his position.

He told the House of Commons he is now considering a request from McKinnon’s legal

team to extend the seven-day period they have to apply for a judicial review until 17 December.

Infosecurity noted that, for the first time, the Home Secretary conceded there are

legitimate concerns over McKinnon’s mental health, but he said this did not prevent the

hacker from being extradited to the US to face the charges.

IN BRIEF

Bit.ly secures URLsBit.ly is phasing in three security features. The

first is VeriSign’s iDefense IP reputation, which

blacklists domains known to contain exploits,

malware and other internet security problems.

The second is the Websense Threatseeker

Cloud, which analyses the content being

routed to by a Bit.ly URL and, using real-time

analysis blocks any suspicious activity.

Sophos provides the third service, which

provides a behavioural analysis facility looking

at users’ activities on the Bit.ly service and

pro-actively looks for malware and spam.

IBM scoops up Israel’s GuardiumIBM is reported to be acquiring Guardium,

the enterprise database security specialist,

for $225 million. Guardium, a subsidiary

of Log-On Software, supplies database

applications protection.

IBM said it plans to integrate Guardium

within its information management software

portfolio.

Employees happy to steal dataA survey of office workers in London and

New York has concluded that around one in

three would cheerfully steal their employers’

computer data to help a friend find a job.

The survey – which took in responses from

around 600 office workers in the two cities

– also revealed that 41% of workers had

already taken sensitive computer data from

their former employers to their new job.

Furthermore, it found that 57% of

respondents said that it has become a lot

easier to take sensitive computer information

from under their bosses’ noses this year – up

from 29% last year. 32% of people surveyed

revealed that they would do their utmost to

take a peek at an office redundancy list to

find out if their name was on the schedule.