A comprehensive set of best practices covering anti-bot and malware, anti-spam and emerging mobile abuse was jointly released last week by the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) and the London Action Plan (LAP). The report provides proven strategies to help business, government and end-users stay safe.
For the SMB, technology can be the great equalizer and make competing with larger companies more possible. A small company can look, act, and appear much bigger and more sophisticated when the right tools are in place. Many SMBs turn to outside IT solutions and services for messaging, but regardless of opting to use outside services or internal resources, it is important for organizations of all sizes to be aware of cybercriminals’ activities and why (and how) they do what they do. This report, Best Practices to Address Online and Mobile Threats [PDF] is an excellent primer of the current cybercriminal landscape, written for a non-technical audience. It focuses on four major areas of concern: malware and botnets, social engineering and phishing, IP and DNS exploits, and mobile threats.
A thorough review of current and emerging threats and the proactive steps to help mitigate risks, makes this report well worth the time to read. The report helps explain why online threats have become so difficult to thwart and how these criminals are continuously changing tactics to avoid detection. The ever-increasing adoption of Internet and mobile technologies and the vital role they play for end-users, businesses, and governments has created an attractive medium for cybercriminals, especially in the popular platforms of the moment, like tablets, smartphones and other handheld devices.
“As a globally cooperative effort, the report brought together an unprecedented team of experts who outlined safe computing tactics in uncomplicated, accessible language for end-users, large and small businesses, and governments,” states Alex Bobotek, M3AAWG co-chairman. “This is also one of the first efforts to update industry recommendations recognizing that public agencies are important online enterprises, and just as companies need to implement best practices, so do governments.”
According to M3AAWG, this is one of the first global efforts to encourage governments to deploy best practices more commonly associated among businesses. To encourage government participation, the report was presented to the 34-member country OECD (Organisation for Economic Co-Development) for review.
“As the Internet economy grows, implementing the best practices detailed in the report will help reduce illegal activities such as spam, phishing, malware and spyware distribution, botnet deployment, the redirection of Internet traffic to malicious websites and denial of service attacks,” believe the authors.
The report includes input from a number of organizations, but M3AAWG, a well-known industry group that represents more than one billion mailboxes from some of the largest network operators worldwide, and LAP, a 45-memberAAWG organization of law enforcement agencies and industry participants, are the credited authors.
The comprehensive 48-page report includes explanations, recommendations, and a glossary. The report is free and is a highly recommended read for better understanding of the sophisticated online and mobile threats that exist today, the vulnerabilities being targeted, and what the near future holds.