back to article Bad news everyone: Cybercrime is getting even easier

The volume of malware threats is actually on the decline despite the increase in breaches, according to a study from Websense Security Labs. Websense Security Labs logged 3.96 billion security threats in 2014, which was 5.1 per cent less than 2013. Despite this, the number of high-profile breaches increased. Hackers have …

  1. This post has been deleted by its author

    1. dogged

      > And yet some of us still manage to keep our operations running and malware free as far as we know

      Fixed that for you.

      1. This post has been deleted by its author

        1. Phil O'Sophical Silver badge
          Coat

          tapes going back long enough to cover my arse

          I could have done without that mental image at lunchtime, thank you very much...

          1. Anonymous Coward
            Anonymous Coward

            lunchtime!?

            "...my pert & mouthwateringly succulent cul, tenderly shaved then drizzled with molasses dijon and accompanied by your choice of snowpeas or fava beans"

            That put the nom-nom-nom back in your om?

            1. Anonymous Coward
              Anonymous Coward

              Re: lunchtime!?

              I then ate it with some ffava beans and a few TK50s,

              slurp. slurp, slurp

              Yep, lost my appetite too, thanks

              1. Khaptain Silver badge

                Re: lunchtime!?

                I am sure that restoring eveyone's data back to 2010 would go down real well, you would very quickly become their favourite administrator..... Just be carefull of anyone that carries a heavy metal bar in their handbag/coat pocket.

        2. Anonymous Coward
          Anonymous Coward

          Who cares about tapes, they're sending all your financial data to Russia.

        3. Anonymous Coward
          Anonymous Coward

          Backups aren't security

          It depends on what you mean by secure :)

          At an old workplace, they only discovered that their security had been compromised when their Asiatic rivals started applying for patents on the processes that they where at the final testing stages for. Some of the documents where pretty much word for word on the technical side.

          So we had lots of backups, lots of security logs, but it turns out if a senior researcher uses the same credentials for 10+ years, and uses them on pretty much every site he can, then access is easy.

          Oh, and same researcher would take work home on USB sticks, bring them back, and be shocked that they where full of malware. Turns out his home machine was XP SP2, no AV, firewall disabled.

  2. Alistair
    Coat

    Being able to restore your data is only one aspect of the issue. Making sure that data doesn't escape the confines of your compound is rapidly becoming a bigger issue. Especially now that business is mandating collecting *all* data into "Data Lake" models. Security of data and access controls make *everyone* in the industry twitch. Subverting the security model with "social engineering" is becoming easier rather than harder from what I can see.

    And I'm still dealing with devs that come back with "lets chmod 777 that file....."

    1. Anonymous Coward
      Anonymous Coward

      "lets chmod 777 that file....."

      Naw, "chmod -R 644" is much more fun. Especially when someone does it in "/"...

  3. Little Mouse
    Devil

    Attacks are more targeted?

    That's pretty depressing. I assumed that everyone got spam for grow-it-big creams and pills.

    1. Anonymous Coward
      Anonymous Coward

      Re: Attacks are more targeted?

      Hey I'm now a single mass of muscle with a 3 foot willy covered in rolex watches. Living the life...

  4. John H Woods Silver badge

    Missing the point ...

    I usually get downvoted for this, but I still believe that the existence of "malicious URLs" is nothing more than the existence of unacceptable browser flaws. Visiting a web site is 'opening a document'; and it is my belief that it should not be possible for data to subvert the application used for viewing that data and it should definitely not be be possible to subvert the system beyond that application.

    How you supposed to even know if a URL is malicious until you've clicked on it, especially if it is shortened? Or in a QR code? Sure you can say oh, never click on a shortened URL, never scan a QR code, but then you are missing out on large chunks of functionality.

    1. phil dude
      Pint

      Re: Missing the point ...

      depends on your paranoia. I have been using firefox profiles to put distance between activities.

      If you are Mac/Linux/BSD you can created a "toxic" user and run the browser in there. Or even within a VNC session. Very little chance of it hurting the user/system then.

      I do the same using chromium and chrome (used primarily for google products), but some websites only work with chrome* (wtf?).

      I even have an ad-block free opera window to make sure sites that I like, that need to push ads...

      So in general URL's are agnostic. But probably a good idea to have some differing user environments to match the viewing target...

      P.

    2. Electron Shepherd

      Re: Missing the point ...

      it is my belief that

      it should not be possible for data to subvert the application used for viewing that data

      it should definitely not be possible to subvert the system beyond that application

      Those two goals sound like they are achievable.

      The thing is, to achieve them, we need to work out how to write complex software that doesn't contain any flaws. No-ones done that yet.

    3. Pascal Monett Silver badge

      Re: "it should not be possible for data to subvert the application"

      Friggin' A for that !

      But that is the marvel of modern tech : there's always someone to find a way to do something you hadn't even thought was related to the code you wrote.

  5. Elmer Phud
    Pirate

    I bet you copied that headline off the net!

  6. Anonymous Coward
    Anonymous Coward

    Only safe option:

    Stay off the internet!

    1. Anonymous Coward
      Holmes

      Re: Only safe option:

      NoScript is a good first step. Along with flushing Flash down the toilet. And a good ad- and tracker- blocker.

  7. Anonymous Coward
    Anonymous Coward

    It's not easy

    Unfortunately hackers can send well disguised e-mail with malware payloads. Fee can detect these until they have already deployed. Remember the white hats by day can be the black hats by night and there in lies the problem when the white hats turn evil.

  8. ecofeco Silver badge

    Easier?

    So this would be a great time to buy into more cloud and IoT, right?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like