
Trustwave 2011 global security report reveals shift in cybercrime tactics

The report highlights new custom malware, covert social networking attacks and automated threats against mobile devices.

Trustwave has unveiled its 2011 Global Security Report, which reveals the target of attacks has shifted from traditional infrastructure to mobile users and endpoint devices.

Cybercriminals are shifting the target of their attacks from traditional infrastructure to mobile users and endpoint devices, according to the 2011 Global Security Report from Trustwave.

Research from Trustwave's SpiderLabs - the advanced security team responsible for Trustwave's application security, incident response, penetration testing and security research - found that malicious tools became more customised, automated and persistent in 2010.

This trend, combined with the popularity of mobile devices and social media, is providing the perfect recipe for cybercriminals looking to compromise business, customer, private user and other sensitive information. The report offers analyses of data compromise investigations, offensive security exercises and defence strategies taken directly from Trustwave's global client base.

Key Report Findings
  • Third-party vendors continue to put companies at risk - 88 per cent of breaches resulted from insecure software code or lax security practices in the management of third-party technology
  • Cybercriminals "got fresh" in 2010 - because in-transit credit card data is usually more recently created (more fresh) than stored data, two-thirds (66 per cent) of investigations found the theft of data in transit
  • Food and beverage regained its title as the most breached industry - representing 57 per cent of the investigations
  • A single organised crime syndicate may be responsible for more than 30 per cent of all 2010 data breaches

Evolving Threats

Among the most interesting and surprising elements of the report is the rate and sophistication of attacks against mobile platforms and social networking sites. As the security of mobile networks has improved, mobile devices are increasingly the target of attacks, while social networking sites are quickly becoming cybercriminals' platform of choice to expand and propagate destructive botnets. Drive-by infections and mobile phishing attacks were among the most popular client-side attacks in 2010.

  • Geolocation data is helping cybercriminals launch more sophisticated and targeted attacks against social networks
  • Mobile devices offer cybercriminals an open door to corporate authentication credentials, sensitive data and trade secrets
  • Anti-virus software is losing the battle against malware - the new breed of malware is virtually undetectable by current scanning software

Top strategic security initiatives for 2011

A key take-away from the report is that attacks are often successful in organisations that believed a comprehensive data security strategy was in place. For executives and managers who are tasked with ensuring their company does not suffer a security event, the report offers specific guidance for 2011.

  • Assess, reduce and monitor client-side attack surface: monitor and inventory applications to measure adherence to standards and evaluate risk
  • Embrace social networking but educate staff: an established policy and education can help protect against attacks originating from social networking tools
  • Develop a mobile security programme: gaining control over configurations of mobile devices will help reduce risk
  • Enforce security upon third-party relationships: choose a platform and vendor with a solid security history, and require vendors to undergo third-party security testing

Robert J. McCullen, chairman and CEO of Trustwave, said: "This year, we expanded the analysis of our compromise investigations and took a deeper look at the expanding and evolving landscape of data security vulnerabilities. In 2011 and beyond, organisations that approach their initiatives firmly committed to including security as an integrated requirement, and not just as a checkbox, will be most resilient to attack, reduce their risk to compromise, and be able to best protect both sensitive data and reputation."

John Yeo, director of SpiderLabs EMEA, said: "While the myriad of new devices and services around us continue to enable our personal and professional lives, it's imperative that there is a responsible focus on security at both the organisation and individual level. Criminals seek the path of least resistance and will take any opportunity to get hold of valuable information. We've seen that new or poorly managed systems are low-hanging fruit when the security implications have not been fully considered."

A complete copy of the "2011 Global Security Report" is available at: http://bit.ly/fjWsNZ

Report Methodology

The foundation of Trustwave's Global Security Report 2011 is data from real-world investigations and research that SpiderLabs performed in 2010. Results are based on information gathered from over 200 data breach investigations, 2,300 penetration tests and other security-as-a-service (SaaS) activities conducted for our clients. Standardised tools were used to record data, as well as other relevant details for each case or test.

About Trustwave

Trustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organisations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper® compliance management software and other proprietary security solutions. Trustwave has helped thousands of organisations - ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers - manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia. For more information, visit https://www.trustwave.com.



Editorial contact

Michelle Genser
Trustwave
+1 312-873-7288
mgenser@trustwave.com
