Websense Community

Canada’s Cybercrime Report Card: Better or Worse in 2012?

Patrik Runald — Thu, 10 May 2012 00:05:00 GMT

Last May 2011, we conducted an analysis of Canada’s cyber security risk profile, which led to the discovery of a disturbing trend. Canada had become the newest breeding ground of cybercriminal activity.

In the hopes that things would get better, we conducted an exact comparison of the same cybersecurity stats one year later. And we were even more disturbed to see that in Q1 2012, hackers are still taking advantage of Canada’s “squeaky clean” cyber reputation and remotely controlling Canadian servers to carry out their criminal attacks.

Across the board, we’re seeing all types of malicious content coming out of the Great White North. For example:

· 170% Jump in Hosted Phishing Sites - Canada ranks #2 in the world for hosted phishing sites, jumping 170 percent in the last year. This is a significant increase and the country ranks ahead of some of the best known offenders like Egypt and Russia.

· 39% Increase in Bot Networks - Cybercriminals’ command and control centers are finding that Canadians make great hosts. In the past year, Canada saw a 39 percent increase in bot network activity.

· 239% Increase in Malicious Websites - The number of malicious URLs is also on the rise in Canada. Canadian computer users beware, Canada saw a 239 percent jump in malicious Canadian websites.

The bottom line is that things are getting worse, and it’s a worldwide trend. As we’ve stated in our 2012 Threat Report, in the past year alone, there has been a major increase in malicious sites and exploit kits and people are getting increasingly redirected to bad sites.

What’s going on in Canada is testament to the continuation of a very bad trend. In the past, malicious content has traditionally been hosted on servers in places like Europe. But, now the bad guys are shifting their infrastructures to sites that are hosted in countries that traditionally have had better reputations.

Even after last year’s discovery, we still have not seen any big takedowns of malicious sites in Canada. In fact, malicious sites seem to stay up longer than in other countries. The public and private sector need to work together to effectively make this happen. The question is, will they finally be able to do so moving forward?

Here's a map that shows the top countries hosting phishing sites for the first part of this year. You can clearly see that Canada now holds the number two position for hosting this type of malicious content.

Are you surprised that the trend has gotten worse in the past year?

What’s The Real Mobile Security Threat? And, is Canada Prepared?

Fiaaz Walji — Wed, 02 May 2012 11:54:00 GMT

With only a few days remaining until SC Congress Canada 2012, I've been thinking again about what keeps IT security professionals up at night. Every time I ask my customers, I get a common response: mobility. The Bring Your Own Device phenomenon is weighing heavily on the minds of Canadian’s IT security elite. And they have a good reason to be concerned.

By 2014, 1.1 billion smartphones will be in use. Today, the average mobile worker has three devices: smartphone, tablet, and laptop. Companies are allowing these devices to connect to their networks, despite their better judgment and the security risks. So, what’s the REAL mobile threat? Why is this a big deal?

New technology drives productivity, but it also increases risk.

Sensitive data on mobile devices travels – physically and electronically – from the office to home and other off-site locations. In addition, we expect to see targeted mobile-device attacks from malware, spyware, malicious downloads/mobile apps, phishing, and spam. That’s why some security experts see smartphones and other mobile devices as one of the most serious new threat vectors to an organization.

At SC Congress Canada, I’ll be discussing research from a Websense/Ponemon report that looks at the latest mobile risk intelligence from 451 Canadian security and IT professionals. For example:

58% of organizations experienced data loss resulting from employee use of unsecured mobile devices.
Canada is one of the countries that reported the most data loss and security exploits from mobile devices.
45% say that their employees circumvent or disengage security features such as passwords and key locks.

BYOD is outpacing Canadian enterprise security and policy. I will tackle this issue alongside Dr. Larry Ponemon (Ponemon Institute), Michelle Warren (MW Research and Consulting), and Faiza Kacem (National Bank of Canada) at SC Congress Canada on Wednesday, May 9 at 9:00 a.m. at the SC Congress Canada. I hope to see you there. If you can’t make it, I’ll update you in another post after the show.

Websense Wins Best Security Management Award at SC Magazine Awards Europe 2012

Talia James — Mon, 30 Apr 2012 00:55:00 GMT

Websense has continued its worldwide winning streak at the 2012 SC Magazine Awards Europe. Earlier this year Websense won three awards in the SC Magazine Awards US 2012. And last week, Websense won Best Security Management for Websense Web Security Gateway Anywhere.

The SC Awards Europe are widely recognized as the most coveted and prestigious awards for the European information security industry. This year’s organizers reported that they received a record number of entries this year.

Winning the Best Security Management Award recognizes the power and effectiveness of Websense solutions in an ever-changing world with more social networks, an increasingly mobile workforce, and sophisticated modern malware.

TechWeekEurope: London Marathon Faces ICO Investigation

Talia James — Fri, 27 Apr 2012 21:26:00 GMT

“Organisations need to be able to identify sensitive information and make sure it remains safe,” commented Carl Leonard, senior manager at Websense Security Labs. “Accidents happen, so protecting confidential data is essential if you don’t want to risk cybercriminals running away it…”

http://www.techweekeurope.co.uk/news/london-marathon-faces-ico-investigation-74666

The Inquirer: London Marathon website leaks runners' personal details

Talia James — Wed, 25 Apr 2012 21:24:00 GMT

Carl Leonard, senior manager at Websense Security Labs told The INQUIRER, "Data is everywhere and its value is growing exponentially with huge volumes of new content being created and shared every second. As organisations manage this data, the challenge is that much of it is sensitive and theft is a major concern…”

http://www.theinquirer.net/inquirer/news/2169808/london-marathon-web-site-leaks-runners-personal-details

SC Magazine UK: Detection of Mac malware to expand, as realities of mobile malware are laid bare

Talia James — Tue, 24 Apr 2012 21:13:00 GMT

“Websense Security Labs' 2012 Threat Report said that while exploit kits and advanced methods to attack Windows systems and the software that reside on this platform exist against the large surface area, new rogue anti-virus dropper files are surfacing for Mac OS as it continues to increase in popularity…”

http://www.scmagazineuk.com/detection-of-mac-malware-to-expand-as-realities-of-mobile-malware-are-laid-bare/article/237392/

Websense Reports Record First Quarter Billings on Strong TRITON Performance

News Release Archive — Tue, 24 Apr 2012 20:05:00 GMT

- First quarter revenues of $89.5 million, up one percent year-over-year - First quarter billings of $80.6 million, up five percent year-over-year - First quarter TRITON billings of $49.0 million, up 42 percent year-over-year SAN DIEGO, April 24, 2012 /PRNewswire/ -- Websense, Inc. (NASDAQ: WBSN) today announced financial results for the first quarter of 2012. The company also announced the promotion of Michael A. Newman to executive vice president and chief financial officer. "This was the...(read more)

PC World: Infected WordPress Blogs Blamed for Mac Flashback Trojan

Talia James — Mon, 23 Apr 2012 21:06:00 GMT

“Websense has estimated the number of infected WordPress sites to be 30,000, with others putting the number as high as 100,000 but what matters is that the overwhelming majority - 85 percent - were based in the US…”

http://www.pcworld.com/businesscenter/.../infected_wordpress_blogs_blamed for_mac_flashback_trojan.html

InfoSecurity Magazine: Websense report discusses the life-cycle of an advanced attack

Talia James — Fri, 20 Apr 2012 19:06:00 GMT

“Traditional defenses just aren't working any more,” said Charles Renert, vice president of research and development for Websense. “Organizations need real-time defenses with multiple detection points that deeply analyze both the inbound content of each website and email as well as the outbound transmission of sensitive data…”

http://www.infosecurity-magazine.com/view/25291/websense-report-discusses-the-lifecycle-of-an-advanced-attack

Websense 2012 Threat Report: How Cybercriminals Are Infecting Networks and Stealing Data Undetected

News Release Archive — Thu, 19 Apr 2012 12:05:00 GMT

Award-winning Websense Security Labs outlines top recommendations and insights for protecting from and containing sophisticated malware and targeted attacks SAN DIEGO, April 19, 2012 /PRNewswire/ -- Research released today by the Websense ® Security Labs™ in the Websense 2012 Threat Report reveals the trifecta that is driving epidemic levels of data theft: 1) extremely effective social media lures; 2) evasive and hard-to-detect infiltration of malware; and 3) sophisticated exfiltration...(read more)