The security landscape has seen enormous change in the past year, according to industry experts. From blended threats and key-logging to spyware and the evolution of phishing, the changing environment has major implications for the channel.
According to the recently released 2006 Australian Computer Crime and Security survey (AusCert), worms were the most common form of electronic attack.
Almost half of respondents (45 per cent) experienced this type of infection.
While there was an overall reduction in the level of activity detected, total average losses for electronic attack, computer crime, and computer access misuse or abuse increased by 63 per cent to an annual sum of $241,150 per organisation.
More public sector organisations experienced harmful electronic attacks (59 per cent) compared to private sector organisations (49 per cent).
"About one-in-five reported Trojan or rootkit infections, which is considered to be high given that such malware cannot self-propagate. The volume, therefore, is a reflection of attacker activity," the AusCert report said.
According to AusCert, there was a reduction in the reported use of security technologies, policies and procedures. Levels of qualification and training were also on the wane. Furthermore, many organisations aren't increasing expenditure on IT security in response to concerns about the adequacy of protection.
"In summary, 2006 is characterised by lower levels of attack and for most survey respondents fewer financial losses," the AusCert survey reported.
"But on the down side, lower levels of protective security measures [technical and non-technical] are being implemented, and there are still relatively high levels of dissatisfaction about organisations' readiness to protect their information systems."
User attitudes to security practices need to be changed, Websense country manager, Joel Camissar, said. Citing the recent AusCert survey, he said 60 per cent of malware was not detectable by antivirus software at the time it is discovered in the wild.
"Therefore, client computers with the most up to date antivirus software signatures are likely to be vulnerable to such attacks about 60 per cent of the time," Camissar said.
Commenting on the changing security landscape, he said many IT decision-makers have had employees launch a hacking tool or a key-logger.