"Businesses are struggling to protect themselves as these outside threats become more resistant to signature-based security tools," said Christine Liebert, senior analyst, Security Services. "It's becoming clear that many of these emerging threats cannot be defended against in-house, creating a shift in security posture toward being more proactive."

The security services threat intelligence market is made up of advanced security event monitoring and management technologies that incorporate a variety of threat-related information sources to develop predictive security. However, emerging Web applications and other difficult-to-detect attacks are changing the security protection landscape and, subsequently, enterprise security posture.

Signature-based tools including antivirus products, firewalls, and intrusion prevention software are only effective against 30 to 50 percent of current security threats, IDC says. Attacks are becoming shorter, lasting less than a couple of hours or only a few minutes, and can be highly targeted to a specific URL, person, company, or IT asset. This trend further complicates detection, mitigation, and remediation. Over the past five years, attackers have enlarged their scope to include commercial small and medium businesses (SMBs) offering high-value targets such as financial information, intellectual property, and other proprietary data.

Many organizations, despite having implemented some of the more standard countermeasures such as firewalls, antivirus, IDs, still do not have visibility across their environment to understand what is happening at any given time, IDC says. To ensure that enterprise network, application, data, and endpoints can remain secure, anti-malware products and services are evolving to deal with these threats and reducing reliance on general signatures by instead adopting other forms of detection. From 2010 to 2011, security services threat intelligence products and services grew 65 percent in North America as enterprises looked to proactively monitor and mitigate malicious network traffic.

Security threats are evolving and organizations struggle to keep pace. Advanced security event monitoring and management technologies grew 65 percent in North America on a year by year base from 2010 to 2011. Common signature based security tools are only effective against 30 to 50 percent of current threats. Photo: www.imagine-your-world.com

“Malicious users with access to the source code have an increased ability to identify vulnerabilities and build new exploits,” Symantec says. “Additionally, customers that are not following general security best practices are susceptible to man-in-the-middle attacks which can reveal authentication and session information. General security best practices include endpoint, network, remote access, and physical security, as well as configuring pcAnywhere in a way that minimizes potential risks.”

PcAnywhere allows remote users to connect to a host, using an Internet or LAN connection and an access password. The program runs on multiple platforms, including Microsoft Windows, Linux, Mac OS X, and Pocket PC.

“Our current analysis shows that all pcAnywhere 12.0, 12.1 and 12.5 customers are at increased risk, as well as customers with prior, unsupported versions of the product,” Symantec says. PcAnywhere is also bundled in three Symantec products, Altiris Client Management Suite and Altiris IT Management Suite versions 7.0 or later, and Altiris Deployment Solution with Remote v7.1. In addition, customers with earlier versions of Altiris suites may have opted to leverage pcAnywhere. The increased risk is isolated to the pcAnywhere components only. There are no known impacts to the rest of the components in the Altiris products or the pcAnywhere Solution component that provides integration between pcAnywhere and the Symantec Management Console. Customers should validate the remote control tools currently in use.”

Pc Anywhere users could be exposed to “man in the middle” attacks, meaning that data exchanged between a remote user and the host could be intercepted. If the malicious user gains access to passwords used to log on to the host, he could gain access to corporate networks. Users are also at risk of remote code injection. Symantec has released a White Paper (available here) to provide remediation steps to maintain the protection of their devices and information until security patches are released.

Symantec warns users about possible exploits in its remote access program pcAnywhere and recommends disabling the remote access software suite until patches are released to resolve the issue. Photo: EL

Datacenter connectivity, disaster recovery/business continuity, and data storage replication are the three primary applications driving adoption of Ethernet. "Enterprises are increasingly utilizing Ethernet services for domestic and international WAN networking," said Nav Chander, research manager, Enterprise Telecom. "The ability to efficiently transport multiple types of traffic - including voice and video, as well as non-IP-based traffic and storage traffic - is a key differentiator for Ethernet services within the enterprise."

Growth of Ethernet access as an alternative to leased lines for access to other services, such as to the Internet or IP VPNs, is also contributing to demand. Additionally, Ethernet services are often significantly less expensive than private line or packet services, and lower equipment costs also contribute to overall cost effectiveness.

Other key findings include the following:

• E-Line services make up slightly more than half of the Ethernet services revenue at present;
• Ethernet access market will maintain growth rates above 20 percent during the forecast period;
• More medium-sized enterprises are also adopting Ethernet as they migrate to VoIP, employ storage networking, and access cloud-based services;
• Implementation of hybrid Ethernet and IP VPN networks are a growing trend among enterprises.

Ethernet seems to be wired for success: Adaption rates are soaring, and revenue in the U.S. is expected to increase from $3.4 billion in 2010 to $8.2 billion in 2015. Photo: Public Domain

"This has the potential to shift the arms race regarding censorship to be in favor of free and open communication," said J. Alex Halderman, assistant professor of computer science and engineering at U-M and one of Telex's developers. "The Internet has the ability to catalyze change by empowering people through information and communication services. Repressive governments have responded by aggressively filtering it. If we can find ways to keep those channels open, we can give more people the ability to take part in free speech and access to information."

Today's typical anticensorship schemes get users around site blocks by routing them through an outside server called a proxy. But the censor can monitor the content of traffic on the whole network, and eventually finds and blocks the proxy, too.

"It creates a kind of cat and mouse game," said Halderman, who was at the blackboard explaining this to his computer and network security class when it hit him that there might be a different approach, a bigger way to think about the problem.

Halderman envisions that user could download Telex software from an intermittently available website or borrow a copy from a friend. Internet Service Providers (ISPs) outside the censoring nation deploy equipment called Telex stations. When a user wants to visit a blacklisted site, he or she would establish a secure connection to an HTTPS website, which could be any password-protected site that isn't blocked. This is a decoy connection. The Telex software marks the connection as a Telex request by inserting a secret-coded tag into the page headers. The tag utilizes a cryptographic technique called "public-key steganography."

"Steganography is hiding the fact that you're sending a message at all," Halderman said. "We're able to hide it in the cryptographic protocol so that you can't even tell that the message is there."

The user's request passes through routers at various ISPs, some of which would be Telex stations. These stations would hold a private key that lets them recognize tagged connections from Telex clients. The stations would divert the connections so that the user could get to any site on the Internet. Under this system, large segments of the Internet would need to be involved through participating ISPs.

"It would likely require support from nations that are friendly to the cause of a free and open Internet," Halderman said. "The problem with any one company doing this, for example, is they become a target. It's a collective action problem. You want to do it on a wide scale that makes connecting to the Internet almost an all or nothing proposition for the repressive state."

The researchers are at the proof-of-concept stage. They've developed software for researchers to experiment with. They've put up one Telex station on a mock ISP in their lab. They've been using it for their daily web browsing for the past four months and have tested it with a client in Beijing who was able to stream YouTube videos even though the site is blocked there.

Turning the whole web into a proxy server could make it virtually impossible for government to block individual sites or services such as YouTube, for example. Today's typical anticensorship schemes are more like a game of chess, allowing users to create a uncensored route through an outside proxy until the censor catches up. Photo: www.imagine-your-world.com

“The rise of broadband and better mobile networks and devices has meant that video has become an increasingly popular part of users’ online experiences,” said Kathleen Moore of the Pew Internet Project, author of the report. “People use these sites for every imaginable reason – to laugh and learn, to watch the best and worst of popular culture and to check out news. And video-sharing sites are very social spaces as people vote on, comment on, and share these videos with others.”

Indeed, the explosion of content on sites like YouTube has been an audience draw. The company reports that 48 hours of video are posted on YouTube every minute. And since 2005 the number of visits to the site has grown from 8 million views a day to over 3 billion per day. Other statistics on YouTube can be found on the company’s press page.

The survey found that rural internet users are now just as likely as users in urban and suburban areas to have used these sites. Some 68% of rural internet users have gone to such sites, compared with 71 percent of online suburbanites and 72 percent of online urban residents. Those are statistically insignificant differences and show that since 2009 online rural residents have caught up to others in using these sites.

In addition, online African-Americans and Hispanics are more likely than internet-using whites to visit video-sharing sites. “Many other online activities have not shown much growth in recent years in the number of people who pursue them. But the growth of video-sharing sites stands out against that trend,” said Moore. “More and more people see these sites as places to get a little dose of amusement or diversion and every once in a while to find something very moving.”

Video-sharing on sites like YouTube and Vimeo is on the rise, and 71 percent of online Americans use it frequently. Photo: www.imagine-your-world.com