February's top five IT security threats

Safety helmet

The criminals are now getting into their malicious swing. Here are five of some of the biggest threats IT PRO has seen this month

1) Insiders

People are at the heart of security, so what happens when employees go bad? The recession has and will force many IT people out of jobs, and there will be a lot of angry employees looking for revenge.

So what should businesses do about the problem? Sophos says it should be standard policy to handle exits sensibly and carefully. BT's chief technology officer (CTO), Bruce Schneier, also provided advice in the form of five ways that IT managers could prevent insider attacks.

2) Spam and phishing attacks

Spam and phishing are classics in the online criminal's repertoire. But, as long as users keep falling for the tricks, the bad guys will just keep sending on the emails. Earlier in the month, it was all about Valentine's spam as criminals tried to get users to download toxic attachments.

According to RSA, the British are also victims of the most phishing attacks in the world.

And don't think you're going to escape if you're a Gmail user either. Soon after Google's highly publicised outage, phishing attacks were targeted at Gmail users using the Google Talk IM system.

3) Adobe Reader and Acrobat PDF files

It's not the first time Adobe has been targeted and it's not the first time that PDF files were found to be malicious.

However, what has caused the most uproar this month is the fact that Adobe will take until mid-March to fix the problem.

That said, if you are particularly concerned, one security researcher took it upon herself to create a homemade patch for the flaw. There's no 100 per cent guarantee it will work, however.

4) The Facebook application Error Check System

Many users had to face fake notification messages from this Facebook app, which tried to convince them to add it by claiming something was wrong with their profiles.

Security researchers weren't totally sure what the application's aim was, but the potential for harm was there.

5) Conficker

The worm that caused so many problems to networks at the beginning of the year is still around, and was so serious that Microsoft thought it was worth putting a $250,000 bounty on the head of those who created it.

However, the worm is still out there and spreading. A new variant Conficker B++ has been released into the wild, with new characteristics which could try to get around the IT industry's attempts to bring it down.