In-depth

RSA: 10 lessons learned about security

IT professionals from around the globe flocked to London to the RSA conference to hear what's happening in computer security.

The RSA Conference in Europe is one of the highlights of the security calendar, where professionals come to hear the latest about the world of information security.

This year's show was one of the biggest yet, and IT PRO was there to find out what the hot topics of the conference were. Here are 10 things we learned from the show.

1 - You can make serious money out of cybercrime

Fraudsters are constantly finding new ways to make money out of both businesses and consumers. The traditional ways to collect financial data are still there, with phishing attacks and banking trojans, but new ways of making money such as bogus chip and PIN readers is becoming more of a problem.

Advertisement
Advertisement - Article continues below

The criminal underground, or dark cloud' as RSA head of technologies Uri Rivner called it, was now an organised criminal operation where the people in charge of creating the technical threats and the people who collect the money from victim's accounts never have to meet.

2 - Phishing is going web 2.0

Phishing is still a massive problem and there seems so end in sight.

RSA quoted statistics that showed its anti-fraud command centre shuts down 10,000 phishing attacks every month, with 100 analysts working in shifts doing this manually.

Businesses like financial services, internet portals and healthcare in addition to the public sector are being targeted by such tactics. The trend is now to target computer users with web 2.0 techniques like fake real-time chat channels on banking sites where a pretend fraud department' wants to chat with you.

3 - Criminals are collecting little bits of information about you

It's possible to find out a lot about an individual, just by a little investigation on social networks such as Twitter, Facebook and LinkedIn.

Herbert Thompson, a chief security strategist at People Security, demonstrated how information from simple Twitter messages and job seeking LinkedIn behaviour could be correlated together by attackers.

Thompson described how open source tools could build a visual map of an individual's relationships and how they were connected to people over time. He said we needed to make sure that employees were aware of what such gateway data could do and not put themselves - or their companies - in jeopardy.

4 - Security companies need to share their threat data

Advertisement
Advertisement - Article continues below

Conferences like Infosecurity and the RSA Conference are full of competing security vendors, but there was a feeling that it was about time that the companies got together and shared their threat data with each other - even if anonymously.

Although such companies are business rivals, there was general agreement that the threat landscape had changed so much that security companies had a responsibility to share their data on the newest malware threats.

5 - Attacks using web 2.0 are going to increase

Over time, cyber criminals have worked out that attacks against the user are a particularly good way for them to breach networks and collect data.

Kaspersky Lab senior researcher Stefan Tanase said that because web 2.0 was all about collaboration and user-generated content, this had created new attack vectors where sites like Facebook, Twitter and YouTube were vulnerable.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/business/business-strategy/354252/huawei-takes-the-us-trade-sanctions-into-its-own-hands
Business strategy

Huawei takes the US trade sanctions into its own hands

3 Dec 2019
Visit/mobile/mobile-phones/354273/pablo-escobars-brother-launches-budget-foldable-phone
Mobile Phones

Pablo Escobar's brother launches budget foldable phone

4 Dec 2019