Microsoft Corp. (NASDAQ: MSFT) today released a new edition of its global Security Intelligence Report and Mohammad Akif, the company’s national security and privacy lead for Canada, said more end-user education and awareness is still needed around the security and threat landscapes.
The bi-annual report is now in its seventh version and the report findings span from January to June of this year. The findings of the report signal that there’s still a lack of global market awareness around the security and threat landscapes, Akif said.
Microsoft released the results from its Security Intelligence Report, version six back in April and at that time, Akif noted that the biggest threat increase, worldwide, is with rogue security software. Rogue security software is usually advertised to users as a free software trial, giving users the option of purchasing a “complete” version of the product, when in fact, it’s fake security software. Once users input their personal and financial information, attackers have the ability to steal things like credit card information and individual identities.
The primary motive behind rogue security software is financial gain, Akif said. While the number of detected computers with rogue security software decreased in the past six months, compared to the last survey, Akif said this is still a serious threat to users.
“In the last six months, rogue security software was detected on 13.4 million computers (around the world), which was down from 16.8 million compared to the second half of last year,” Akif said. “This is an improvement, but it still proves to be a significant threat because it still remains the number one (threat) category in the world.”
In a previous interview with CDN, Symantec Corp. executive, Marc Fossi, the executive editor and manager of security response for Symantec, said based on Symantec’s research, the company has detected more than 250 distinct rogue security software programs around the world.
“The sophistication of fake security software is increasing so now it goes beyond just things like pop-ups.”
Akif suggested the amount of global rogue security software has decreased since Microsoft’s last Security Intelligence Report in part because of Internet Explorer 8’s SmartScreen technology. This technology considers Internet URL reputations, so if a URL is deemed to be malicious, the URL will be blocked from the end-user’s machine, he said.
According to this season’s volume seven Security Intelligence Report, seven out of the top 10 threat families in Canada are malware, while three are potentially unwanted software.
“Consumers in Canada are becoming more aware (of these threats),” Akif said. “But we still have to do more on the SMB font because this sized business is often the hardest hit in any economic situation. We have to convince these customers that de-investing in security is not a solution.”
Partners are encouraged to engage with customers and have conversations with them, Akif suggests.
“Awareness is the first step and also the people policy and process,” Akif explained. “A feature in Windows 7 is that if companies give laptops to employees who take them out of the office, the IT department can set up policies where only certain software and applications will work on the machines.”
Partners can also advise their customers to make sure their software is updated and that they encrypt USB keys, or other removable devices that leave the office environment.
“Our partners are the trusted advisors for our customers,” Akif said. “Security should always be kept on the forefront of any conversation they have. The main message is don’t let security be done as a matter of choice. It’s a necessity for all of us.”