Perimeter
Guest Blog // Selected Security Content Provided By Sophos
What's This?
10/27/2011
11:56 AM
Security Insights
Security Insights
Security Insights
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Microsoft Research Shows Malware Infections Mostly 'Your Fault'

User vigilance is key to securing data, digital identities

Microsoft’s latest Security Intelligence Report (PDF) was released recently, and it showed a surprising finding: Nearly 45 percent of all malware infections cleaned up by its Malicious Software Removal Tool required a human to make a bad decision.

Am I surprised? Not exactly ... There has been a major shift toward social engineering in the past 24 months for cybercriminals. As we all do a better job of securing and updating our computers, the lowest-hanging fruit becomes ourselves.

In its 168-page report, the software giant describes phishing schemes, spam e-mail, assorted malware, and threats associated with social engineering as “entry mechanisms” for malware and a hacker having complete control of an infected computer.

While most of our Windows pain in recent years has resulted from poor security design and practices in the early days, Microsoft has taken security must more seriously in recent times. When all is said and done, it’s humans who respond to spam e-mail and announcements of free gift cards on Facebook.

Most of us aren’t great at reading a digital face over the Internet to determine whether we are being scammed: We have a lot to learn to be as good at it as we are in the real world.

Microsoft also provided evidence that despite all of the widespread, often corrosive media coverage about it, only about 0.1 percent of successful attacks resulted from so-called “zero-day” exploits -- which, theoretically, Microsoft can’t do much about because patches for them haven’t yet been developed. In its report, Microsoft found that those fears are mostly misplaced, arguing that the vast majority of zero-day vulnerabilities are immediately patched once discovered and are not commonly exploited.

This isn’t to say that Microsoft is innocent on all counts. We all have a role to play in protecting our digital identities, and with more than 80 percent market share, Microsoft needs to continue to proactively find its own flaws and make it even easier for the public to make the right decisions. With great power comes great responsibility.

Chester Wisniewski is a senior security adviser at Sophos Canada

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: LOL.
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6213
Published: 2014-04-19
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 Patch 1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1833.

CVE-2013-6214
Published: 2014-04-19
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 9.05, 10.01, and 10.10 allows remote authenticated users to obtain sensitive information via unknown vectors, aka ZDI-CAN-2042.

CVE-2012-0871
Published: 2014-04-18
The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/.

CVE-2012-6646
Published: 2014-04-18
F-Secure Anti-Virus, Safe Anywhere, and PSB Workstation Security before 11500 for Mac OS X allows local users to disable the Mac OS X firewall via unspecified vectors.

CVE-2013-4279
Published: 2014-04-18
imapsync 1.564 and earlier performs a release check by default, which sends sensitive information (imapsync, operating system, and Perl version) to the developer's site.

Best of the Web