Bots join a long list of security woes -- ADTmag

Bots join a long list of security woes

By ADT Staff
May 15, 2006

Nearly two-thirds of IT decision-makers aren’t confident they can prevent bots from infecting company PCs when they are not connected to the corporate network, according to a new survey conducted by Harris Interactive and sponsored by Websense.

Harris interviewed 351 U.S. IT decision-makers who work for organizations with at least 100 employees. The company also surveyed 500 U.S. employees who have Internet access at work and who work for organizations with at least 100 employees.

Remote control software can be unknowingly installed on an end-user's PC and cause distributed denial-of-service attacks and send spam, malicious code and phishing exploits.

The latest Web@Work survey by Web security provider Websense found that 19 percent of respondents’ employees' work-owned computers or laptops have been infected with a bot. Because bots are a relatively new threat for many IT decision-makers, there is still discrepancy on whether to filter bot traffic. The survey found 62 percent of respondents’ companies filter bots on their networks.

The survey also revealed:

17 percent of IT decision-makers have had employees launch a hacking tool or a keylogger within their network, versus 12 percent in 2005.
92 percent say their organizations have been infected by spyware, compared to 93 percent in 2005.
81 percent report their employees were targets of phishing attacks via e-mail or IM, versus 82 percent in 2005. Of those, nearly half say their employees have clicked through the URL, compared to 45 percent 12 months ago. This happened despite rising awareness: 49 percent of employees have heard of phishing compared to only 33 percent last year.
97 percent of IT decision-makers say they were somewhat confident their antivirus software is able to stop viruses from attacking their networks, yet, almost half of companies have been infected by a Web-based virus, such as the Toopher, Scob, Sober and Netsky worm.
Only 15 percent of respondents say they block HTML in e-mails, compared to 14 percent 12 months ago. Twenty-six percent say they block HTML in IM, compared to 24 percent in 2005. The finding suggests IM will continue to be a back door for hackers to hit up unsuspecting employees.