BOULDER, Colo., Sept. 15 /PRNewswire/ -- As the bad guys look for new ways to exploit holes in technology, they have become increasingly financially motivated, with organized crime picking up where the 'hobbyist hacker', doing it for kicks, left off. Perhaps the most significant trend is towards more intelligent, targeted attacks on both individuals and businesses through increased Web presence, social media, and so on.
So, what kinds of web security threats are we talking about? Here are just a few:
- Malware, viruses and spyware. Email viruses and malicious code continue to be a potential problem, but more of a risk today is that of spyware downloaded from the Web, which can be used to track the activities of the user to act as a host for sending out Spam emails or denial of service attacks on Web sites, or to serve as a relay point to infect other computers.
- Web page drive-by infections. Malicious content can be picked up even from legitimate sites, if these have in some way been hacked. Such code can then infect a desktop computer without any indication, just by visiting the site.
- Social engineering and fraud. In these attacks, a Web user is duped into doing something that will open them up to risks. Social networking has made this easier than ever, bringing many more people into potential conversations with Web-based strangers.
- Misdirection and phishing. This is where fake Web sites are set up to look like the real thing in an effort to get financial account information, social security info, credit card numbers, and so on. A user may be directed to a phishing site via email, another site and other avenues.
- Denial of service and botnets. A denial of service attack may be launched on a corporate or governmental Web site, either for extortion, or simply because of a difference in beliefs: the goal is simply to shut the site down, at least for a period of time.
What to look for in a security solution.
While there's no simple answer to that question, there are three key ways to apply protection:
- Gateway Security. While desktop protection is an absolute necessity, utilizing edge- or gateway-security threat protection prevents malware attacks at the network perimeter. The perimeter is also a logical place to check for confidential company data leaving the organization.
- Endpoint Security. Securing a corporate network with industry-leading corporate antivirus, antispyware & malware protection is vital. Compare endpoint security software and find a solution that fits your needs
- (SaaS). Software-as-a-service-based security applications offer protection by blocking threats "in the cloud," away from your network. There are no software or hardware purchases, no single-point-of-failure risks, and no unexpected outages and replacements.
A hosted solution is ideal for businesses that want market-leading Web security, without the need for support, on-premise servers or remote clients. Hosted security solutions can also monitor outbound content to help prevent data leakage.