We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

The five big security threats of 2011

Vulnerabilities to watch out for

We introduce you to this year's batch of security vulnerabilities to watch out for.

Threat 4: PDFs

What it is: It may be the oldest online scam in the book, but email loaded with malware attachments is still a big problem despite a high degree of awareness and robust antivirus scanning in webmail clients such as Gmail and Yahoo Mail. Cluley puts the number of malware-related emails sent every day in the "millions," and says that "more and more spam is less about touting Viagra or fake degrees, but [is] turning malicious in nature."

PDF documents appear to be a prime method for these attacks, according to a recent report by MessageLabs, a division of Symantec. "PDFs are potentially one of the most dangerous file formats available and should be treated with caution...Because it is significantly easier to generate legitimate and concealed malicious content with PDFs," MessageLabs said in its February 2011 Intelligence Report.

In 2010, 65 percent of targeted email attacks used PDFs containing malware, up from 52.6 percent in 2009, according to MessageLabs, which further predicts that by mid-2011, 76 percent of targeted malware attacks could be using PDFs as their primary method of intrusion.

It's not just businesses that are targets of -mail scams either. Sophos recently discovered an email scam purporting to offer a £50 gift voucher from pet suppies firm VioVet.

Protect yourself: Make sure you are running an antivirus program and that it's up-to-date. Also, never open an email attachment that you weren't expecting.

Last but not least, make sure that you keep Adobe Reader (or the PDF reader of your choice) up-to-date; Adobe regularly releases security updates that fix known flaws. The new Adobe Reader X has an updated security architecture that can better protect you against malicious PDF attacks.

Threat 5: War games

What is it: State-sponsored malware attacks, industrial espionage, and hacktivism are on the rise, according to Perimeter E-Security's Jaquith. They may not be threats that affect everyone, but if you manage security for a business, they are the sorts of issues you should be paying attention to.

The hacktivist group Anonymous, for example, grabbed headlines this year for mounting attacks in defence of whistle-blower site WikiLeaks, and attacking government websites in support of recent protests in Egypt, Tunisia, and Libya. The group also leaked a cache of email messages from a security researcher who was trying to identify Anonymous members. "Whether it's WikiLeaks, Anonymous, or a Chinese or Russian attacker, theft of industrial secrets is shaping up to be one of the key issues of 2011," Jaquith says in a statement.

Protect yourself: If you are trying to safeguard your company's secrets or are worried about data leaks, monitor your company's network traffic for suspicious activity and conduct regular reviews of employee data access privileges.

The internet may be filled with malware and potential threats, but that doesn't mean you need to panic. Keep your guard up, use common sense, and keep your software up-to-date, and you should be able to reduce your risk of falling victim to attack.

See also:  10 great downloads to help secure your data

  1. Vulnerabilities to watch out for
  2. Mobile apps
  3. Social network-based scams
  4. PDFs


IDG UK Sites

OnePlus Two release date rumours: Something's happening on 22 July

IDG UK Sites

13in MacBook Air review, Apple's MacBook Air 2014 reviewed

IDG UK Sites

5 reasons to buy an electric car and 5 reasons not to

IDG UK Sites

Evernote Skitch: the best way for creatives to doodle feedback