Malicious software meets BYOD
Is your smartphone spying on you?
When trying to get a handle on cybercrime today, consider this: In millions of homes across America, unencrypted company information is sitting on unprotected desktops and laptops – in the hands of employees who have had no security training. At the same time, we see software being deployed that can stealthily and remotely scan the hard drives of those machines for specific data, and secretly transmit it back to the scanner.
This disturbing picture emerges when you combine two very different kinds of cyber security research published recently. First we have a survey of security practices related to the BYOD phenomenon (as in, bring-your-own-device: carrying out company business on personally owned computers, tablets and smartphones). A Harris poll commissioned last month by ESET revealed that more than 80 percent of employed adults in America use one or more of their own digital devices to carry out work-related activities, and a lot of those devices are not well-protected.
For example, it appears that very few people use autolocking with password protection (where the device locks itself after a period of inactivity and requires a password or PIN to unlock, a feature built into just about every contemporary device). Among personally owned devices used for work, the share employing this basic protection was lower for smartphones than for personal laptops and desktops. Tablets were even less protected than smartphones, with only one in 10 locked this way. Note that a screen lock is only as good as the secret behind it: an inactivity lock with no password, or a trivially guessable one, does nothing to protect the data on a lost or stolen device.
Stronger protection of company data in the form of encryption was confirmed by only one-third of survey respondents. As the pie chart (below) shows, equal numbers of people said either that encryption was not used or that they did not know whether it was. This reflects the general lack of security awareness and training revealed by the responses to another survey question: Have you ever received computer security training of any kind from your employer? Sadly, 64 percent said they had not.
Overall, BYOD is a target-rich environment for cyber criminals, and they are developing an impressive arsenal to carry out attacks. Consider the subject of our second piece of research: a recently uncovered piece of trojan code that enables remote-controlled keyword searches for Word documents on the hard drives of its victims. This is Win32/Georbot, which at first appeared to have a connection to the government of Georgia (the country, not the U.S. state). Researchers at ESET managed to gain access to the control panel of the botnet, the network of computers infected with Win32/Georbot, and from there they could read the keywords for which the operator of the botnet was searching, including FBI, CIA, FSB, KGB, captain, colonel, and weapon.

This particular botnet was probably less about government spying than about criminal activity, but either way it is a good example of what malicious software can do these days. Combine that with the low level of attention paid to security on personal devices used to process work-related information and you have a recipe for security breaches, IP theft, ID theft, blackmail, bank fraud, and more.
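To make concrete how little effort a keyword search over the Word documents on an unencrypted drive takes, here is an added example that is not ESET's code and not Win32/Georbot's: a short Python script that walks a directory tree, pulls the text out of every .docx file (a ZIP container holding word/document.xml) and reports which files contain any of the keywords quoted above. The sample documents it scans are constructed inside a temporary directory by the script itself; the directory layout, file names and paragraph text are invented for illustration. Run against a home folder, the same logic doubles as a quick audit of what a stolen or compromised laptop would give away.

```python
import os
import re
import tempfile
import zipfile
from xml.etree import ElementTree as ET
from xml.sax.saxutils import escape

# Keywords the botnet operator was searching for, as listed in the article.
KEYWORDS = ["FBI", "CIA", "FSB", "KGB", "captain", "colonel", "weapon"]

# WordprocessingML namespace used by word/document.xml inside a .docx.
WORD_NS = "{http://schemas.openxmlformats.org/wordprocessingml/2006/main}"


def docx_text(path):
    """Return the plain text of a .docx; unreadable or non-docx files yield ''."""
    try:
        with zipfile.ZipFile(path) as zf:
            xml = zf.read("word/document.xml")
    except (zipfile.BadZipFile, KeyError, OSError):
        return ""
    root = ET.fromstring(xml)
    # Every run of visible text sits in a <w:t> element.
    return " ".join(t.text or "" for t in root.iter(WORD_NS + "t"))


def keyword_hits(text, keywords=KEYWORDS):
    """Case-insensitive whole-word match; returns the matched keywords, sorted."""
    found = set()
    for kw in keywords:
        if re.search(r"\b" + re.escape(kw) + r"\b", text, re.IGNORECASE):
            found.add(kw)
    return sorted(found)


def scan_tree(root_dir, keywords=KEYWORDS):
    """Walk root_dir and map each matching .docx path to the keywords it contains."""
    hits = {}
    for dirpath, _, files in os.walk(root_dir):
        for name in files:
            if not name.lower().endswith(".docx"):
                continue
            path = os.path.join(dirpath, name)
            matched = keyword_hits(docx_text(path), keywords)
            if matched:
                hits[path] = matched
    return hits


def make_docx(path, paragraphs):
    """Write a minimal .docx (constructed sample data, not a real user document)."""
    body = "".join(
        "<w:p><w:r><w:t>%s</w:t></w:r></w:p>" % escape(p) for p in paragraphs
    )
    document = (
        '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>'
        '<w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">'
        "<w:body>%s</w:body></w:document>" % body
    )
    content_types = (
        '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>'
        '<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">'
        '<Default Extension="xml" ContentType="application/xml"/>'
        '<Override PartName="/word/document.xml" ContentType='
        '"application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"/>'
        "</Types>"
    )
    with zipfile.ZipFile(path, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("[Content_Types].xml", content_types)
        zf.writestr("word/document.xml", document)


def demo():
    """Build three constructed documents in a temp dir, scan them, return relative hits."""
    with tempfile.TemporaryDirectory() as tmp:
        docs = os.path.join(tmp, "Documents")
        os.makedirs(os.path.join(docs, "work"))
        make_docx(os.path.join(docs, "work", "report.docx"),
                  ["Meeting notes with the colonel about the weapon shipment."])
        make_docx(os.path.join(docs, "recipes.docx"),
                  ["Two cups of flour, one egg, a pinch of salt."])
        make_docx(os.path.join(docs, "memo.docx"),
                  ["Liaison call with the FBI field office is scheduled for Monday."])
        hits = scan_tree(tmp)
        return {os.path.relpath(p, tmp): kws for p, kws in hits.items()}


if __name__ == "__main__":
    for path, kws in sorted(demo().items()):
        print(path, "->", ", ".join(kws))
```

Only the two documents mentioning the operator's keywords are reported; the recipe file is read and discarded. Legacy binary .doc files are deliberately skipped here because they are not ZIP containers; a real search would need a separate parser for that format.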