A lack of threat awareness is not the problem. The study shows that almost all businesses in this category have installed anti-virus programs and kept security systems up to date, but a large number of SMBs still become victims of cyber crimes. When disaster strikes, viruses (41%) followed by spyware (26%) are most often the cause.

In a conversation with SC Magazine, Luis Corrons, PandaLabs technical director suggested, “these companies often lack the in-house staff and resources to fight off increasingly sophisticated and exponentially more targeted Internet attacks.”

The study’s results support Mr. Corrons claim that SMBs are not or able (or willing) to allocate the appropriate resources to close vulnerabilities and properly secure their environment.

• 52% of survey respondents have no web filtering solution
• 39% are untrained/unaware of IT threats
• 29% have no anti-spam solution
• 22% are without anti-spyware technology
• 16% do not have a firewall

So what should small and medium size business owners do?

Network vulnerability scans provide extremely high value. A thorough scan of your website(s), database(s), and application(s) can identify disasters waiting to happen. With a starting pricepoint around $100 each, vulnerability scans provide SMBs an affordable way to identify open ports, SQL injections, cross-site scripting (XSS) attempts, holes in JavaScript and web forms, and much more.

Steve Hawkins, Raytheon’s VP of Information Security Solutions, told FoxNews.com that there are more than 30 different job descriptions available, and applicants must pass the most stringent security clearances. Qualified individuals must understand computer systems and have a handle on the interaction between hardware and software down to the nitty-gritty. Additionally, applicants should know how the adversary [ cybercriminals ] thinks and adopt their perspective, but in an ethical way.

Raytheon isn’t alone in the movement to beef up the US cyber army. The Center for Strategic and International Studies recently kicked off a nationwide talent search for high school and college students to encourage cybersecurity as a career path.

Aptly named, the US Cyber Challenge has set out to find 10,000 young Americans interested in becoming cyber guardians and cyber warriors. The program will nurture and develop participants’ skills and provide access to advanced education.

“We’re glad to see online security become a public concern. These competitions and recruitment activities reinforce our core belief that everyone is entitled to maintain an identity online without the threat of being hacked or defaced. Having more qualified individuals working to make the internet safer is only going to make our secure hosting services more effective,” states FireHost CEO, Chris Drake.

The Nine-Ball attack is deployed when a user visits a legitimate website that has been infected with the malicious code. From the legitimate website, unsuspecting users are redirected behind the scenes through a series of different sites owned by the Nine-Ball’s hackers.

The diagram below depicts a typical url progression that happens behind the scenes during a Nine-Ball deployment.

Nine-Ball Progresstion

When an infected site is visited for the first time, the user is directed to the ninetoraq.in exploit payload site where the visitor’s IP address is recorded and the trojan download is installed.

If a user on the same IP visits the legitimate website again, he or she is directed to the benign site of ask.com. Security experts speculate that the Nine-Ball hackers are using a benign destination url to throw cyber security investigators and cyber crime analysts off track.

The scary part is that most antivirus applications will not detect Nine-Ball’s malicious code. Websense experts report, that “the exploit is detected by only three of the 41 most commonly used AV programs.”