Workers are wasting 68 minutes a day on social games like FarmVille, according to Cisco’s 2010 Security Report. Meanwhile, global volumes of spam are expected to grow by as much as 30pc this year.
Cisco says the tectonic shifts affecting the IT world – the increasing use of social networking, the proliferation of network-connected mobile devices, and virtualisation – continue to alter the security landscape.
As a result, enterprise professionals must act immediately to put effective security practices into place in order to protect their companies’ reputation and maintain a competitive edge. The report outlines five recommendations for improving corporate security.
Social networking, virtualisation, cloud computing and a heavy reliance on mobile devices continue to have a dramatic impact on the ability of information technology departments to maintain effective network security.
To help manage these converging trends, Cisco advises that enterprises should: enforce granular per-user policies for access to applications and data on virtualised systems; set strict limits for access to business data; create a formal corporate policy for mobility; invest in tools to manage and monitor cloud activities; and provide employees with guidance on the use of social media in the workplace.
Virtual farms being tended
Cisco Security Intelligence Operations research found that 7pc of global sample of users accessing Facebook spend an average of 68 minutes per day playing the popular interactive game FarmVille from Zynga.
Mafia Wars was the second most popular game, with 5pc of users each racking up 52 minutes of play daily, while Café World, played by 4pc of users, accounted for 36 minutes of wasted time per day.
Although loss of productivity is not a security threat, cyber criminals are believed to be developing ways to deliver malware via these games.
Fifty per cent of end users admitted they ignore company policies prohibiting the use of social media tools at least once a week, and 27pc said they change the settings on corporate devices to access prohibited applications.
Cyber criminals are using technological innovation to their advantage. They exploit the gap between how quickly they can innovate to profit from vulnerabilities and the speed at which enterprises deploy advanced technologies to protect their networks.
While legitimate businesses spend time weighing the decision to embrace social networking and peer-to-peer technologies, cyber criminals are among the early adopters, using them to not only commit crimes but also to enhance their communications and to speed transactions with each other.
Spam continuing meteoric rise
Despite recent disruptions to criminal spam operations, in 2010, the worldwide volume of spam is expected to grow by as much as 30pc over 2009 levels, according to new research compiled by Cisco Security Intelligence Operations.
The US is once again the country where the largest amount of spam originates, pushing Brazil to third place. India currently ranks second, and Russia and South Korea round out the top 5.
Brazil experienced a 4.3pc decrease in the amount of spam originating in-country, most likely because more ISPs in that country are limiting Port 25 access.
Cyber criminals remain intent on targeting legitimate websites but are launching strategically timed, multivector spam attacks with a focus on establishing keyloggers, back doors and bots.
Social networks remain a playground for cybercriminals, with an increasing number of attacks. New threats are now emerging from a more dangerous criminal element: terrorists. Indeed, the US Government is concerned enough that they have awarded grants to examine how social networks and other technologies can be used to organise, co-ordinate, and incite potential attacks.
“Technological innovations are fundamentally changing the way people live, work, play, share information and communicate with each other,” explained John N Stewart, Cisco vice-president and chief security officer.
“Because consumers are typically the early adopters, enterprises often struggle to adapt existing polices to address their employees’ preferred use of technology.
“With a number of tectonic forces converging in the marketplace, now is the time for enterprises to transform their IT model to accommodate the emerging borderless network and increasing security challenges,” Stewart said.