Cloud-based defences: a new security paradigm

The Internet has become ubiquitous, but beyond that, the new paradigms of cloud computing and social networking mean that more and more people have become increasingly dependent on the Web, and most surf it more intensely than ever before.

According to Gartner, cloud computing, Web-oriented architectures, and Web 2.0 social networking technologies—and by extension Enterprise 2.0—ranked as the top 10 most impactful technologies in 2009, and companies have been implementing them, and need to continue to do so in order to remain competitive.

To the CIO, the benefits are obvious: increased convenience and efficiency, a global marketing reach, an effective platform for innovation, and ease of communications, to name a few.

However, while the benefits are undeniable to businesses worldwide, CIOs also face new challenges as crime syndicates use the inherent strengths of the Internet and users’ trust in it to glean confidential information for illegal monetary gain.

Evolving threats
These Web-based attacks have grown in both size and sophistication over the last two years.

Perhaps even more pressing than viruses and other malware that try to breach organisational defences is the rise and evolution of phishing, where tricksters pose as legitimate parties to gain personal and confidential data, either through e-mail or fraudulent Web sites.

The Anti-Phishing Working Group found that such attacks have risen a whopping 585 percent in 2009; and what is even more worrying is that they have become harder to avoid.  As early as last year, phishing attacks were largely confined within the pornographic and gambling Web genres, so safety required steering clear of sites with bad reputations.

Not so these days. Phishing attempts have now gone mainstream, and the most popular and trusted sites—the auction sites, search engines, Top 100, and the like—are exactly where cybercrime wants to be.

Blue Coat Systems