The primary objective of IT is shifting away from server, storage and network optimization toward enabling new types of mobile business services and customer engagement. In this era of business mobility, more employees are using mobile devices and corresponding applications in the workplace.
The growing use of smartphones and tablets is allowing employees to convert personal downtime into hybrid productivity. All this comes at a cost: greater exposure of corporate networks to virus and malware infiltration. Sensitive data processed outside the enterprise brings with it an inherent level of risk, because outsourced services bypass the "physical, logical and personnel controls" IT shops exert over in-house programs.
Recently, researchers at Trusteer said that a new variation of the Zeus banking Trojan has been detected, targeting users of hosted billing companies. The malware affects customers of cloud billing service providers such as Ceridian, a Canadian human resources and payroll firm. Security threats have moved past the “smash and grab” era to one where attacks are sustained over extended periods on what are now essentially always-open networks such as the cloud. And as those attacks are growing more sophisticated and taking place in real time, IT organizations need to instantly identify where attacks are taking place inside their IT
Trusteer's Amit Klein said, “These attacks are designed to route funds to criminals, and bypass industrial-strength security controls maintained by larger businesses. In the attack on Ceridian, Zeus captures a screenshot of a Ceridian payroll services web page when a corporate user (whose machine is infected with the Trojan) visits this website. This allows Zeus to steal the user ID, password, company number and the icon selected by the user for the image-based authentication system.”
In another attack, the Metropolitan Entertainment & Convention Authority lost $217,000 last year after an employee was targeted by a phishing email and infected with malware. While the majority of attacks are against known and patched security vulnerabilities, many high-profile attacks use new vulnerabilities before vendors issue fixes or cloud providers can stop the infiltration.
These cloud services can be accessed using unmanaged devices that are typically less secure and more vulnerable to infection by financial malware, such as Zeus.