In poor economy, IT pros could turn to e-crime
Enterprises increasingly feel their employees will be more willing to steal data or sell insider knowledge due to the poor economy, according to an annual security survey conducted by KPMG.
Sixty-six percent of respondents felt that out-of-work IT workers would be tempted to join the criminal underground, driven in part by threats to bonuses, job losses and worthless stock options.
The E-crime Survey 2009, presented at the E-Crime Congress in London on Tuesday, surveyed 307 private companies, government organizations and law enforcement agencies.
In the survey, KPMG said that fraud committed by managers, employees and customers tripled compared to 2007, which indicates that the recession will likely only exacerbate those problems.
Employees often have "super access" to sensitive company systems and know those systems' weaknesses. It means that companies need to have strict procedures in place for locking those individuals out once they no longer work at an organization, the survey said.
The survey topped off a series of fairly gloomy presentations by security experts on the state of Internet security. Those experts are still seeing an exponential rise in the number of malicious software programs along with a diminished effectiveness of antivirus software.
Figures released by security vendor Symantec show that more than 2.4 million strains of malware exist, said Malcolm Marshall, a KPMG partner in IT governance.
The security community could soon "face a potential meltdown in the way we do e-business," Marshall said. That's due in part to IT professionals who aren't patching systems, cybercriminals refining their skills and a lack of security knowledge on the part of consumers, he said.
"We know that end users are broadly not sophisticated," Marshall said. "The reality is we are seeing more sophisticated attacks aimed at sophisticated people."
In other survey results, 45 percent of respondents who handle critical national infrastructure said they are seeing an increase in the number of attacks on their systems. Fifty-one percent of respondents from the same category said the technical sophistication of those attacks is getting better.
Sixty-eight percent said that of all kinds of malicious code they felt Trojan horse programs -- ones that are designed to look harmless but can steal data along with other functions -- had the most impact on their businesses. Rootkits are the next highest concern, followed by spyware, worms, viruses, mobile malicious code and, finally, adware.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
recession
Powered by TwitterOn Twitter now
recession
Brian Proffitt
Microsoft/Novell: Breaking Down the Coupon Numbers
Esther Schindler
Drupal's Dries Buytaert on Building the Next Drupal
Tom Henderson
Top Ten General Operating Systems Rants
pasmith
PS3 motion controller delayed; goes up against Project Natal
sjvn
Neolithic Windows security hole alive and well in Windows 7
claird
Perl source code comparison makes for good reading
mikelgan
Cell phones don't create stress or interrupt much
Sandra Henry-Stocker
How to: The Unix Interview
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
- Ubuntu advances: Why Ubuntu server installations will surge in 2010
- Social media marketing: How to make friends with benefits
- More...
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
