RSA: 10 lessons learned about security

IT professionals from around the globe flocked to London to the RSA conference to hear what's happening in computer security.

The RSA Conference in Europe is one of the highlights of the security calendar, where professionals come to hear the latest about the world of information security.

This year's show was one of the biggest yet, and IT PRO was there to find out what the hot topics of the conference were. Here are 10 things we learned from the show.

1 - You can make serious money out of cybercrime

Fraudsters are constantly finding new ways to make money out of both businesses and consumers. The traditional ways to collect financial data are still there, with phishing attacks and banking trojans, but new ways of making money such as bogus chip and PIN readers is becoming more of a problem.

Advertisement - Article continues below
Advertisement - Article continues below

The criminal underground, or dark cloud' as RSA head of technologies Uri Rivner called it, was now an organised criminal operation where the people in charge of creating the technical threats and the people who collect the money from victim's accounts never have to meet.

2 - Phishing is going web 2.0

Phishing is still a massive problem and there seems so end in sight.

RSA quoted statistics that showed its anti-fraud command centre shuts down 10,000 phishing attacks every month, with 100 analysts working in shifts doing this manually.

Businesses like financial services, internet portals and healthcare in addition to the public sector are being targeted by such tactics. The trend is now to target computer users with web 2.0 techniques like fake real-time chat channels on banking sites where a pretend fraud department' wants to chat with you.

3 - Criminals are collecting little bits of information about you

Advertisement - Article continues below

It's possible to find out a lot about an individual, just by a little investigation on social networks such as Twitter, Facebook and LinkedIn.

Herbert Thompson, a chief security strategist at People Security, demonstrated how information from simple Twitter messages and job seeking LinkedIn behaviour could be correlated together by attackers.

Thompson described how open source tools could build a visual map of an individual's relationships and how they were connected to people over time. He said we needed to make sure that employees were aware of what such gateway data could do and not put themselves - or their companies - in jeopardy.

4 - Security companies need to share their threat data

Advertisement - Article continues below

Conferences like Infosecurity and the RSA Conference are full of competing security vendors, but there was a feeling that it was about time that the companies got together and shared their threat data with each other - even if anonymously.

Although such companies are business rivals, there was general agreement that the threat landscape had changed so much that security companies had a responsibility to share their data on the newest malware threats.

Advertisement - Article continues below

5 - Attacks using web 2.0 are going to increase

Over time, cyber criminals have worked out that attacks against the user are a particularly good way for them to breach networks and collect data.

Kaspersky Lab senior researcher Stefan Tanase said that because web 2.0 was all about collaboration and user-generated content, this had created new attack vectors where sites like Facebook, Twitter and YouTube were vulnerable.

Featured Resources

How inkjet can transform your business

Get more out of your business by investing in the right printing technology

Download now

Journey to a modern workplace with Office 365: which tools and when?

A guide to how Office 365 builds a modern workplace

Download now

Modernise and transform your sales organisation

Learn how a modernised sales process can drive your business

Download now

Your guide to managing cloud transformation risk

Realise the benefits. Mitigate the risks

Download now

Most Popular

Microsoft Windows

Microsoft pulls disastrous Windows 10 security update

17 Feb 2020

How to use Chromecast without Wi-Fi

5 Feb 2020
Business operations

HP shareholders invited to come dine with Xerox

17 Feb 2020
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020