Criticism of The Register and its management in public is unacceptable - The Register Management
|
|
|
Companies can't handle cybercrime
INSECURITY EXPERTS working for Deloitte claim that corporates are completely clueless when it comes to tackling the determined cyber criminal.
The CSO 2010 CyberSecurity Watch survey (PDF) shows that the sophisticated cyber criminal threat has become one of the fastest growing security threats to organisations and to citizens.
Report author Rich Baich said that cybercrime threats to organizations are increasing faster than companies can combat them.
He said that attackers are becoming smarter and using more sophisticated malware, viruses and techniques that have outpaced traditional security models and many current signature-based detection techniques.
What is more worrying is that this gap is only going to widen as cyber criminals build more complex and innovative threats, Baich added.
Adding a layer of complexity to this issue are the rise of social networking and online communications, online financial transactions, organized crime extending into cyber space, and the unfortunate motivation of economic hardships all over the world.
Baich said that companies need to understand the seriousness of threats to data, processes and tools. They need to shift from a security based approach to a risk based system.
Security techniques need to be shared and combined across your organisations, he said. µ
Share this:
Share
There we go again with the "wouldn't happen on Linux" crap.
Look, I know Linux is a better OS, and I know the technical side is much, much better defined and more secure than the crappy Windows design.
But please, could we stop with the "Linux is invulnerable to attack" stuff ?
90% of all cyberattacks are based on social engineering to get them started and, statistically speaking, Linux users do not have better skills than Windows users.
In other words, I firmly believe that a well-prepared, properly-executed cyber attack against a Linux platform would have every chance of succeeding just as well as one against a Windows platform.
I also believe that the skills and time required to mount such an attack largely surpass those required for an equivalent attack on a Windows platform.
Finally, it must be said that Windows attacks are easier by default since there is such a large library of experience to draw from.
So attacking a Linux platform is indeed harder, but let's see what happens when one is actually made, shall we ?
Even Google is vulnerable to cybercrimes, as we saw in the recent Chinese cyberattack via Internet Explorer on a Windows machine. I was surprised when I heard this, as I thought Google -- being an open-source company -- would be running Linux, not Microsoft Windows (perhaps they need some Windows machines to check HTML rendering on that platform?). Hopefully Google will now switch to using nothing but Linux on the desktop for this reason.
So I think that the title to this article could be more accurate if it was worded "Companies who run Microsoft software can't handle cybercrime". Because any company that migrates to Linux-based thin clients could certainly cut out 99% of the attack surface normally provided by Microsoft's multiple security holes.
No system is 100% secure, but no Windows system IS secure.
I suspect some crime organizations have been hiring some highly skilled engineers to do their works. Not too surprise, with so many of them out of work due to economy and out source.
I suppose they would say that because the contrary would eliminate most of their pay checks.