No. 1 IT Security Worry: 'Hacktivists' Like Anonymous
What is the No. 1 security worry for IT professionals? According to a new report, it's "hacktivists" from Anonymous.
The new survey by security firm Bit9, titled 2012 Cyber Security Research, finds that cyber-criminals and nation-states take second and third place among the top three worries. The survey queried nearly 2,000 IT security experts in the U.S. and Europe about the current state of security.
Sixty-one percent of those surveyed said Anonymous and other hacktivist groups are most likely to target their organizations, with 55 percent believing that cyber-criminals will hit them and 48 percent fearing attacks by nation states.
The report found that 64 percent of respondents expect their organization to be the target of a cyber-attack within the next six months. Among those that fear nation-states, China is the main concern, followed by Russia.
Harry Sverdlove, Bit9's chief technology officer, said in a statement that the survey "highlights how the quickly changing criminal landscape is impacting IT professionals worldwide."
An overwhelming 74 percent of respondents believe that their security measures on employees' machines are not doing enough to protect against these threats. But, while endpoints -- laptops and desktops -- are considered the weakest link, 40 percent of respondents felt that infrastructure servers had the most effective security and 36 percent felt that way about file servers -- in spite of the fact that servers are frequent targets.
Role of Employees
Disgruntled employees, long considered a security threat, are seen by only 28 percent as a concern for their companies.
Fifty-eight percent said implementation of best practices and better security policies are the best ways to improve security in the enterprise, and 19 percent said individual employees could play "an important role" in improving security.
Forty-five percent see malware as the main attack method, including Trojans and rootkits, while 17 percent are most worried about "spear phishing," in which the source of a malicious e-mail appears to come from someone within the company. Although hacktivist attacks were the most worrisome, only 11 percent were concerned about one of the most common methods from those attackers, denial of service, and only 4 percent were worried about SQL injection.
When a breach does occur, an overwhelming 95 percent of those surveyed said that customers and the public should be notified. Nearly half, or 48 percent, said that the notification should include a description of what was taken, and 29 percent said that a description of how the attack took place is also warranted. Six percent felt the company had no obligation to disclose anything.
Charles King, an analyst with Pund-IT, said that many IT departments see security threats as much more organized these days, and that many of them come from parts of the former Soviet Union -- especially threats involving identity fraud for financial gain.
He said it appeared that many of the attacks from China are focused on state and corporate secrets, and that, "since the Internet is so tightly controlled there, it's hard to imagine that the Chinese government is not complicit."