[Offtopic] Work PCs

[stephen at melbpc.org.au]

Gaming, porn rife at work
March 27, 2007

<http://www.theage.com.au/news/biztech/gaming-porn-rife-at-
work/2007/03/26/1174761375431.html>

ONE in seven Australian office workers has looked at online porn at work, 
and even more use office hours for online gambling, according to security 
company Websense.

Since the start of last year, Websense has collected data from 52,000 
people in Australian organisations using its security risk-assessment 
service.

The study found 22 per cent of users accessed "legal liability" sites 
such as pornographic, gambling, hacking and peer-to-peer sites at work - 
more than 1.6 million hits over the year. About 737,000 hits were 
on "adult" sites, ranging from lingerie to hardcore erotica.

"The number-one gambling sites were always the local TABs," Mr Camissar 
said. "Partypoker.com was the second-highest site . . . It's fair to say 
poker is the new Minesweeper."

About 92.7Gb of data was downloaded from YouTube, and 1626 hits made per 
organisation on peer-to-peer file-sharing sites. About a third of the 
organisations surveyed were government agencies and the rest companies.

Employees often used proxy sites to access banned content without fear of 
detection.

All the companies had firewall, anti-virus and anti-spam technology in 
place. But 59 PCs were compromised by keyloggers recording every 
keystroke and mouse click to steal information such as credit card 
details.

Between 10 and 20 per cent of machines in each organisation were infected 
by spyware, which uploaded information to the internet 136,214 times.

The software recorded 2649 hits to phishing sites, after 5 per cent of 
employees clicked on bogus emails designed to steal banking passwords.

Websense's ANZ manager Joel Camissar said the figures proved companies 
faced big security risks from inside and outside their firewalls.

"Even with organisations using best-practice anti-virus and anti-spam 
infrastructure, there is still content slipping through the net," he said.

"It could be that organisations are not reviewing how they utilise their 
solutions on a quick enough basis. Perhaps they are not tweaking the 
policies in the organisation to keep up with the pace of technology.

"Web security seems to be the weakest point in an organisation's defence."

Websense logged 36,000 hits to what it called "potentially unwanted 
software". The most popular was hotbar.com, a spyware utility that 
puts "smileys" in emails and monitors websites users visit.

"When we presented this (data) to a large mining organisation in Perth 
two weeks ago they said even if an organisation locks down their standard 
operating environment, Windows still allows users to install things like 
Hotbar and screensavers that put extra load on the desktop and the help 
desk," Mr Camissar said.
--

Cheers all ..
Stephen Loosley
Victoria, Australia