Microsoft: Security threats still evolving

Microsoft: Security threats still evolving

Summary: At the RSA Conference, Microsoft has warned that hackers are finding new targets for malware and internal comms are key to companies' security

TOPICS: Security

Security threats are continuing to evolve as hackers find new targets for malware, while businesses must improve their internal communications to combat threats, according to Microsoft.

Speaking at the RSA Conference Europe 2007, Ben Fathi, corporate vice president of development for the Windows Core Operating System Division at Microsoft, said: "It shouldn't come as any surprise that, as we improve the security of the operating systems and the infrastructure on the internet, the attacks are moving to applications and social engineering, including phishing scams."

There has been a 500 percent increase in Trojan attacks, from one million in the second half of 2006 to more than five million in the first half of 2007, according to research sponsored by Microsoft and conducted by the Ponemon Institute.

The survey found three-quarters of companies that admitted to poor communications and collaboration between their marketing, privacy and security divisions had suffered from a data breach — whereas fewer than a third of companies that thought they had good inter-departmental communication reported breaches.

Fathi said IT security is not just about technology. "It's about people and processes too... We need to have the privacy folks talking to the security folks and the marketing folks to have good protection from data breaches."

Read this


Feature: Ten tips for securing borderless networks

With companies facing increasing deperimeterisation in today's world of online collaboration and remote working, protecting corporate networks can be a challenge...

Read more

The keynote also contained some details on the forthcoming Windows Server 2008, which is due to be released on 27 February.

Fathi said the code will be Microsoft's "most secure yet" and will not be released until it is secure. "That has affected our release cycle but it was the right thing to do for our customers," he added.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


1 comment
Log in or register to join the discussion
  • security is not just about technology

    Admittedly, IT has to be able to secure their internal network, but sometimes the code in the OS is flawed and IT's hands are tied. Properly written software is still the responsibility of the vendor and IT can't be held responsible for that. Getting the vendor to admit there is a problem remains a huge problem, as they prefer to blame the user for security breaches.