According to the latest Microsoft Security Intelligence Report (SIRv7), worm infections in the enterprise rose by nearly 100 percent during the first half of 2009 over the preceding six month.That is horrible and indicates that more attentions should be paid to network security in enterprise. Before it does any harmful damages to us, we should do something! Rogue security software remains a major threat to customers; however, 20 percent fewer customers were affected by rogue infections during the past six months.

Worm infections have resurged to become the second most prevalent threat for enterprises in the first half of 2009 after Melissa appeared and defined mass-mailing worms as a class of malicious threats ten years ago!Worms rely heavily on access to unsecured file shares and removable storage volumes, both of which are plentiful in enterprise environments. According to SIRv7, the following were the top two families detected:

Conficker was the top worm threat detected for the enterprise, because its method of propagation works more effectively within a firewalled network environment. Conficker is not in the top 10 for consumers, because home computers are more likely to have automatic updating enabled. This further reiterates the need for enterprises to have a robust security update management program in place.

Taterf, with detections up 156 percent since the second half of 2008, targets massively multiplayer online role-playing games (MMORPGs). These attacks rely less on social engineering to spread, and more on access to unsecured file shares and removable storage volumes — both of which are often plentiful in the enterprise. Taterf’s impressive growth underscores the need for organizations to develop guidelines for removable drives (such as thumb drives) and evaluate how connections are made to outside machines.

According to the report, rogue security software remained the single largest threat category for the first half of 2009. In addition, while there has been progress combating rogues, this threat remained a major pain point for computer users during the same period.

Also known as “scareware,” rogue security software takes advantage of customers’ desire to keep their computer protected. Microsoft products and services removed malware from more than 13 million computers worldwide, down from 16.8 million in the second half of 2008. Computer users are advised to use an anti-malware solution from a company they trust and to keep its threat definitions up to date.

Network sniffer
A network sniffer can help a lot to build a secure network! Here is a very good one! Capsa Network Analyzer (Packet Sniffer) is an easy-to-use Ethernet network analyzer (aka. packet sniffer or protocol analyzer) for network monitoring and troubleshooting purposes. It performs real-time packet capturing, 24/7 network monitoring, advanced protocol analyzing, in-depth packet decoding, and automatic expert diagnosing.
By giving you insights into all of your network’s operations, Capsa Network Analyzer (Packet Sniffer) makes it easy to isolate and solve network problems, identify network bottleneck and bandwidth use, and detect network vulnerabilities.You can download a free trail here!