Finjan, the global provider of best-of-breed proactive web security solutions for businesses and organisations, is advising enterprise CIO’s that web-based spyware is the number one threat to their businesses.
Finjan’s Malicious Code Research Centre (MCRC) estimates – based on a number of security audits conducted at large organisations and businesses – that a single enterprise can expect on average over million instances a year of employees accessing Websites carrying spyware and other malicious content by 2007.
Spyware continues to attract a great deal of attention, but the threat should not be underestimated. It is not only designed to get around traditional technological defences, but also designed to take advantage of how employees use technology. An often invisible threat until too late, spyware code is deliberately designed to download itself unseen via a website page or email attachment.
Spyware can then be used to:
– Create “spam bomb’ style threats
– Use enterprises networks and computing power to generate large-scale phishing campaigns
– Launch viruses from behind the firewall
– Send data (e.g. bank account information) back to it’s creator
– Enable access to a business network whenever the spyware owner feels like logging on and taking a look
– Lie uncovered until a specific date, when it completely crashes and destroys vital files or brings down the infrastructure
– Initiate an attack on internal enterprise servers from the inside
– Launch other forms of security threat