An overarching theme of the report reveals that SMBs around the world (and particularly in North America) believe they are too small and pose too little value to hackers to be worth their time, but recent trends in hacker and cybercrime activity reveal that’s just not the case.

In reality, SMBs’ limited resources, inadequate security, and lack of technical expertise make them more vulnerable to cyber attack, and hackers are taking notice.

Jeff Green, Senior VP of McAfee Avert Labs confirmed, “High profile attacks [on larger enterprises] are becoming less frequent because they are often detected quickly. Attackers are favoring stealth attacks that quietly infiltrate systems [of small and medium businesses].”

To change this trend, small and medium-sized organizations will need to make significant shifts in their fundamental values and budgetary allocations.

Today:

• 52% of SMBs believe they are not well known enough to be a target for cybercrime
• 46% believe hackers could not make any money by accessing their information
• 45% of SMBs think they hold little value to hackers
• 44% believe cyber crime is an issue for larger organizations
• 35% of SMBs are not concerned about being a target of cybercrime
• 34% don’t think their information has value outside the organization

As a result, an alarming number (74%) of  SMBs allocate three hours or less each week to IT security, and half of all SMBs surveyed feel adequately protected by default settings on the IT equipment. The effects of these lax standards are dire resulting in stolen data, downtime, decreased productivity, non-compliance, lost sales, and a tarnished reputation.

Businesses in this space typically experience a week of downtime trying to recover from a cyber attack, and real, out of pocket costs hover around $41,000 per incident.

So what’s a small business to do?

“Get ahead of the hackers. Take every step you can to prevent security breaches by partnering with organizations that specialize in security for small business,” advises FireHost Founder and CEO, Chris Drake. “We provide resources and expertise required to do business securely online, and FireHost helps SMBs achieve higher security levels for less money than they might spend taking on the challenge alone.”

The RideMatch.info flaw provides inadequate scrutiny of user-generated text entered in search boxes and fields throughout the website. Hackers exploit the SQL injection vulnerability by passing commands directly into the back end database.

The vulnerability was identified and reported in August by Kristian Hermansen, a security researcher who was required by his employer to sign up for the service. His report to The Register stated, “The reason I am bringing this to your attention is that the issue is not being fixed by the admins and most companies don’t even know that their employee’s personal and corporate information may be been compromised.”

To date, the exploit has exposed hundreds of employees’ sensitive information across several organizations in S. California, including at least one military entity.

The Ride Match website is a joint project between five regional transit authorities. The service pairs commuters based on home and office destinations as well as departure times. The Riverside County Transportation Commission, an agency responsible for the website, reported to have reached out to the Trapeze Group (a Canada-based development company that designed the software) right after the vulnerability was reported.

Once identified, SQL injection vulnerabilities can often be patched by changing a line or two of code, but The Register spoke to a Trapeze spokesperson on 9/8, and at that time she was unaware of any security bugs being reported on the software. She promised that any vulnerabilities brought to their attention would be investigated and resolved.

The decrease is fueled by a decline in the number of traditional banks. Researchers speculate  that this trend could be fueled by the financial crisis, or perhaps improved security measures when users login to “real” banks online is playing a role. Make no mistake however, hackers aren’t slowing down. They seem instead to be targeting Online Payment institutions instead as reflected in the rise of attacks over the last 18 months.

To further reinforce the movement toward Online Payment institutions, PayPal is mentioned in two of the top five subject lines from this year. (PayPal is included four times if you extend the list to the top ten slots.)

• Attention! Votre compte PayPal a ete limite!, 24%
• Important Information Regarding Your Limited Account, 7%
• PayPal® Account Review Department, 2%
• Account Security Measures, 1%
• Citibank Alert: Additional Security Requirements, 1%

Along with the change in volume, phishing attack origins have shifted dramatically this year. Russia takes the top spot, and they weren’t present on the list last year; Turkey, Ukraine, and India are new as well. Spain and Italy sat in the top slots last year, but Spain has completely disappeared along with Israel, France, and Germany who were smaller yet valid players in ’08.

The top 10 for 2009 include:

The net of these changes lay the groundwork to support foundational changes to the cyber community ecosystem are coming. Researchers are concerned that the decline in phishing attempts simply means that hackers are redirecting resources to other methods that obtain the same (or better gains) that phishing once achieved.

Websites that made the list represent the “worst of the worst” based on the number of threats detected by Norton Safe Web. Without downloading or clicking on anything in particular, you risk exposing your computer to infection and revealing your personal and financial information into the hands of cyber criminals. Simply visiting one of these websites could infect your computer, so we don’t recommend you actually visit any of the websites that made the list.

So what makes these websites so dirty? Malware, security risks like phishing, and browser exploits top the list. In fact, the average number of threats found on the top dirtiest sites is… (ready for this?) 18,000, and 40 of the top 100 dirtiest websites have more than 20,000 unique threats each lurking in the shadows waiting to exploit unknowing visitors.

Symantec found the dirty websites by crawling the web using web forensic techniques like file scanning, IDS (intrusion detection systems), behavioral detection, and install/uninstall analysis to find security risks. In addition, Symantec has more than 20 million active contributors in the Norton Community Watch program. You can see dirty site submissions in real time by visiting http://safeweb.norton.com/safety.

While Norton can help you detect which websites are bad, FireHost can help keep your website off the bad list. We help keep hacker activity at bay by providing application level firewall protection, proactive vulnerability monitoring, and much more as a standard part of every secure web hosting package.

A lack of threat awareness is not the problem. The study shows that almost all businesses in this category have installed anti-virus programs and kept security systems up to date, but a large number of SMBs still become victims of cyber crimes. When disaster strikes, viruses (41%) followed by spyware (26%) are most often the cause.

In a conversation with SC Magazine, Luis Corrons, PandaLabs technical director suggested, “these companies often lack the in-house staff and resources to fight off increasingly sophisticated and exponentially more targeted Internet attacks.”

The study’s results support Mr. Corrons claim that SMBs are not or able (or willing) to allocate the appropriate resources to close vulnerabilities and properly secure their environment.

• 52% of survey respondents have no web filtering solution
• 39% are untrained/unaware of IT threats
• 29% have no anti-spam solution
• 22% are without anti-spyware technology
• 16% do not have a firewall

So what should small and medium size business owners do?

Network vulnerability scans provide extremely high value. A thorough scan of your website(s), database(s), and application(s) can identify disasters waiting to happen. With a starting pricepoint around $100 each, vulnerability scans provide SMBs an affordable way to identify open ports, SQL injections, cross-site scripting (XSS) attempts, holes in JavaScript and web forms, and much more.

“In 2009, we see three key trends that could impact IT security – a continued explosion of new malware variants, advanced web threats, and an uptick in threats related to social networking sites.” Mr. Salem reinforced that “cybercriminals are more sophisticated and driven than ever, and they operate in an increasingly profitable underground economy that makes it easy for them to not only buy and sell stolen information such as credit card data or even identities.”

Data from Symantec’s Global Intelligence Network indicates we have reached the point where there are more malicious programs created than legitimate programs every day, and that cyber attackers leverage vulnerabilities fueled by application code. Hackers compromise specific (often open source) websites, and then use them as a means for launching other attacks across the internet.

Hosting websites in a secure environment helps prevent malicious hackers from breaching files and applications and stealing confidential information, but you can to more to protect your identity. Partnering with a web host who also has expertise in website security is critical. FireHost’s team of security engineers works directly with clients to help identify and close vulnerabilities in programming and design that hackers can use to exploit your company.

To learn more about how we help remedy JavaScript and open source vulnerabilities, visit our Services page.

It takes “as little as $300 to infect several Windows clients and take complete control of them in a test environment,” Mills reports. By using real samples of malicious code, she was able to infect PCs with a Sub Seven Trojan and gain remote access to the machines. Once inside the computers, she was exposed to some of the malicious tricks hackers can play on unsuspecting malware victims.

• Invert the users screen so images and text appear upside down
• Change background colors
• Direct the PCs browser to any URL
• Control webcams, chat sessions, and printers

After mastering the Sub Seven Trojan’s “mildly malicious” features and functions, Ms. Mills was ready for the big leagues. With a few simple keystrokes, she created a botnet to control multiple zombies and do things like shut down websites with a DOS attack, send spam, scan ports, and install malicious files and keystroke loggers on multiple PCs.

McAfee’s Avert Labs participated in the event and reported to participants that there are 400,000+ new zombies deployed and 4,000+ new pieces of malware discovered daily that result in over 1.5MM malicious website attacks every month.

Ms. Mills wrapped up the McAfee Malware Experience by saying, “The numbers aren’t all that surprising to me now that I’ve seen first hand how easy the malware is to create and use. All in all, I’d say it was a very sobering experience.”

Start protecting your online presence today by partnering with a Secure Web Hosting provider. Contact a FireHost sales engineer today.

If an up and coming hacker/prodigy can penetrate the network of a publicly traded, global corporation with a security division, imagine how easily he could ruin your business.

In just the last few months, Microsoft has announced two vulnerabilities discovered in their popular Office application suite. Specifically, these vulnerabilities affect Excel and PowerPoint, and both flaws allow hackers to install malicious software or even hijack a computer completely. For more information about resolving these two vulnerabilities, read the full report by Computer World.

This is a good example of a vulnerability in programs on your computer, and similar holes exist for web applications. As we’ve explained previously, web application vulnerabilities found in Drupal or WordPress can just as easily be used by malicious hackers to exploit your website and customers. It’s important to take an active role in securing your website, with secure hosting such as FireHost.

Although every application will contain vulnerabilities of some kind, you can still guard against the exploitation of your website’s applications by malicious hackers. FireHost protects your company and valued customers with industry-leading security, including sophisticated web application firewalls to prevent hackers from exploiting the applications running your website.

The value of making your customers feel secure when dealing with your company website is immeasurable. Discover the difference FireHost secure web hosting will make for your company, visit FireHost.com and contact a FireHost Agent today.