Corporate cyberthreat looms as more employees go mobile
Chinese companies face an increasing cyberthreat as mobile devices and cloud-computing technologies are introduced to lower-level staff, information security researchers warned on Monday.
By 2020, there will be a sharp increase in "advanced targeted attacks" that could bypass traditional protection mechanisms and persist undetected for a long time, said a report by Internet security company Qihoo 360 Technology Co Ltd and research firm Gartner.
In most cases, advanced targeted attacks against companies and individuals are attempting to steal sensitive data such as customer and credit card data, trading records and other intellectual property, said the report.
Causing financial damage through critical system or business process outages may also be the purpose of the attack.
Wu Hequan, academician at the Chinese Academy of Engineering, said that with the majority of Chinese companies using mobile devices in their daily business, attackers are eyeing the mobile Internet for loopholes in corporate systems.
"About 57 percent of enterprise data centers will be running on the cloud by 2015. The centralization of information may help hackers get large amounts of information by attacking one cloud-computing facility," Wu said.
More than 90 percent of Chinese companies allow employees to "bring your own device" to work, according to a report by IDC, a United States-based research company. Most of the devices involved are personal computers, smartphones and tablets.
"BYOD has mixed personal life and corporate tasks in the same device. It is necessary to protect privacy while documents are processed during working hours. Apps using enterprise data have to comply with corporate policies," said the Qihoo-Gartner report.
It added that globally, most companies have not formulated a complete set of solutions to the threats caused by BYOD.
Annual shipments of tablets used in the mobile work sector is expected to reach 7 million by 2017, which would be a jump of 29 percent year-on-year, according to IDC.
China, along with Brazil, Russia and India, is expected to consume more than $206 billion of smart-connected devices by 2014 powered by increasing demand in the mobile work sector, said the report.
Chinese companies started to be aware of the damage of cyberattacks after the Edward Snowden surveillance case earlier this year.
Nearly 80 percent of large and medium-sized State-owned enterprises have functioning business security software protection, while only 5 percent of small and medium-sized private companies have deployed business-level software, said Qihoo.
Using office computers for personal use, ineffective Wifi management and delayed vulnerability fixes are among the most pressing security issues for China-based companies, it added.
The device with the lowest security decides the security level of the entire enterprise network system, said Qihoo.
gaoyuan@chinadaily.com.cn