The first group is the “Competent but Careless” bracket that consists of individuals between the ages of 18-24. Adam Wosotowsky of McAfee Labs told us that this group has grown up on the Internet and that they are less likely to use antivirus protection.

“They feel very confident about their ability to use computers,” he said.

The second group is the “Confident but Casual” bracket, which includes consumers from 25-45. Wosotowsky explained to us that, since this group has seen the Web develop, they are more aware of issues that can happen. While they are more paranoid than the younger group, they are still not as cautious as they should be.

The last group is the “Conservative and Cautious” category and, of course, is made up of people over the age of 45. Most of this age group is not as familiar with the Web as the other groups are and, therefore, is very cautious in their behavior.

Does your age group match how you behave online? Let us know.

Through online banking, each of these age groups is susceptible to phishing attacks, infections, drive-by downloads, and more, all of which could cause very harmful results. Speaking of drive-by downloads, specifically, Wosotowsky said, “Once you become infected, then at that point in time, the botmasters have full control over your machine.”

Fortunately, there are steps that users can take to help them avoid these attacks. For starters, Wosotowsky recommends that consumers be on the lookout for copycat sites. For instance, the title of your bank might be in the domain name somewhere, but if the site does not have the exact same url as your bank’s website, don’t click on it.

Secondly, he warns against clicking on links in emails. If you get a notification in your email asking for username and password verification, go directly to your bank’s website to see if the notification is legitimate. If it is, you can proceed with offering your information, but if not, you have saved yourself from getting hacked.

Even though this sounds simple, Wosotowsky says it is always a good idea to have strong passwords or phrases. He actually believes that long phrases are more effective than just a password.

Fourthly, for those consumers that utilize mobile banking, it is very important to find an app directly from your bank or financial institution. Wosotowsky told us that there are a lot of third party banking apps to choose from that are bogus.

Wosotowsky also believes that consumers should protect themselves through antivirus measures. He said that it not 100 percent bullet proof but that it is better than nothing.

Are you taking proper precautions that you need to take in regards to your online banking habits?

What’s more is that the victims have been government agencies, defense contractors, and organizations such as the International Olympics Committee. From the report, it appears that the attacker, which McAfee calls a “nation state actor,” was going after information regarding diplomatic, economic, and military issues such as valuable intellectual property or trade secrets.

“We can expect to see that information utilized for building competitive industries and taking away market share in the near future,” said Dmitri Alperovitch, the Vice President of Threat Research at McAfee and the author of the report.

McAfee did not identify the attacker, but numerous reports have labeled China as the assailant. China, however, has denied these claims.

Alperovitch went on to say that McAfee had been tracking the attack for some time but that it recently gained access to one specific command and control server used by the attackers. Through it, they were able to identify all the victims that had been compromised and understand the magnitude of its impact.

“This really provided us a very complete picture of the full impact of these attacks on our entire economy, as well as nationally,” said Alperovitch.

Other security firms, however, do not see eye-to-eye with McAfee’s report. Symantec has said that the attack was neither “advanced” nor “sophisticated” since it was able to freely access the same information about the victims on the attackers’ control and command site.

In the Shady RAT report, Alperovitch said the focus of the analysis was on Advanced Persistent Threats (APTs). He told us that this term was coined by the government to describe a nation state actor that had committed cyber espionage against the government but that it was expanded to include any nation state that was performing computer network exploitation (CNE). He doesn’t think that the other security firms should focus on the terminology and said that a better acronym would be SPT to stand for Successful Persistent Threats.

According to him, the attacks were only as advanced as they needed to be. The attackers didn’t have to use new tools or new tactics because the old ones were able to get them what they wanted.

“One of the things that differentiates this activity from traditional criminal activity is that they’re really interested in you as an organization,” he said. “They don’t necessarily care about how well your competitors are doing… they’re going after you because of unique data that you have related to your intellectual property, or specific projects you’re working on, or sensitive business information.”

“They can’t get that data anywhere else, which is why they’re targeting you,” he added.

Alperovitch believes this activity is different from criminal activity because criminals have a financial motive. If they feel one bank, for example, is too hard to rob, they will try another bank.

“Some firms correctly stated that some of these attacks were not very advanced, and we never claimed they were,” he said. “They were successful, and they were devastating from the impact to these organizations, but they were only as advanced as they needed to be.”

Sophos has also spoken out against the Shady RAT and said that it doesn’t clearly state “what information was stolen from the targeted organisations, and how many computers at each business were affected.” It additionally claims that McAfee may have released the report to drum up some publicity since it was released just before the BlackHat security conference began.

Eugene Kaspersky, the co-founder of Kaspersky Lab, also had some words to share about what he calls “Shoddy RAT.” He said it was a botnet that did not deserve as much attention as it had gotten and referred to McAfee’s conclusions as “largely unfounded and not a good measure of the real threat level.”

In response to this criticism, McAfee CTO Dr. Phyllis Schneck wrote a post and said that these security firms were missing the big picture of the report. When we spoke to Alperovitch, he echoed her sentiment.

“It doesn’t really matter how these intrusions are being done,” he said. “The fact of the matter is, they’re successful, and they’re having a massive impact on our economy.”

The report, authored by McAfee VP Threat Research, Dmitri Alperovitch, discusses the investigation of targeted intrusions into over 70 global companies, governments and non-profit organizations that have occurred over the last five years.

“What we have witnessed over the past five to six years has been nothing short of a historically unprecedented transfer of wealth — closely guarded national secrets (including from classified government networks), source code, bug databases, email archives, negotiation plans and exploration details for new oil and gas field auctions, document stores, legal contracts, SCADA configurations, design schematics and much more has ‘fallen off the truck’ of numerous, mostly Western companies and disappeared in the ever-growing electronic archives of dogged adversaries,” writes Alperovitch in the report.

“What is happening to all this data — by now reaching petabytes as a whole — is still largely an open question,” he continues. “However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook), the loss represents a massive economic threat not just to individual companies and industries but to entire countries that face the prospect of decreased economic growth in a suddenly more competitive landscape and the loss of jobs in industries that lose out to unscrupulous competitors in another part of the world, not to mention the national security impact of the loss of sensitive intelligence or defense information.”

He goes on to call the report the “most comprehensive analysis ever revealed of victim profiles” published in an effort to spread public awareness about how the lack of voluntarily disclosed intrusions is contributing to the lack of understanding throughout the public and the industry as well as of the intrusions themselves or “Operation Shady Rat”, as he named it, with “RAT” standing for Remote Access Tool. The intrusions are believed to stem from a “state actor” because of the apparent lack of commercial gain.

“This is not a new attack, and the vast majority of the victims have long since remediated these specific infections (although whether most realized the seriousness of the intrusion or simply cleaned up the infected machine without further analysis into the data loss is an open question),” Alperovitch explains. “McAfee has detected the malware variants and other relevant indicators for years with Generic Downloader.x and Generic BackDoor.t heuristic signatures (those who have had prior experience with this specific adversary may recognize it by the use of encrypted HTML comments in web pages that serve as a command channel to the infected machine).”

Here’s a breakdown provided in the report of the types of organizations (and how many) have been affected:

Included were 49 victims in the US, 4 in Canada, 3 in South Korea, 3 in Taiwan, 2 in Japan, 2 in Switzerland, 2 in the UK, 1 in Indonesia, 1 in Vietnam, 1 in Denmark, 1 in Singapore, 1 in Hong Kong, 1 in Germany, and 1 in India.

Reuters is suggesting that China may be involved, citing a “cyber expert” with the Center for Strategic and International Studies as saying it was likely China because some of the targets had info that would be of “particular interest to Beijing.” Jim Lewis, this cyber expert, is quoted as saying, “Everything points to China. It could be the Russians, but there is more that points to China thanRussia.”

The McAfee report (pdf) makes no mention of such accusations, and has not commented on the notion.

The company does provide significantly more details about its findings in the report, however.

Jive Software, a provider of social business software for the enterprise, announces the news as another company with a similar description made a big announcement today. Salesforce announced the acquisition of Radian6, which powers some recently announced social features of its “Service Cloud 3″.

“We are thrilled to welcome these forward-thinking leaders to our Board of Directors,” said Jive CEO Tony Zingale. “Jive is at the forefront of innovation in the enterprise with Social Business Software. We are confident that their experience and leadership will enable us to further extend our market leadership and momentum.”

The appointment of the Jive Board members are being taken as a way to lend credibility to a pending IPO. It’s not a bad list, so credibility shouldn’t be much of an issue.

“As a current Jive customer, it is clear that Social Business Software is the most important new enterprise application category in a decade,” said David DeWalt. “Jive’s market leadership position, customer base and innovative product, is driving the new way to do business.”

“There has been limited innovation in enterprise platforms and applications in the last decade,” said Chuck Robel. “Social is taking over the enterprise. Jive is bringing social into the enterprise the right way – securely, at scale, and providing real business value.”

“Jive is helping modernize how people engage with each other in the workplace to make work better,” said Jonathan Heiliger. Not bad coming from a Facebook exec.

“Social Business is an attractive market opportunity and is in many ways driving innovation in enterprise software,” said Pichai. “Jive has great vision and insight in the Social Business space and I’m excited to join the team.”

Jive says the leaders will help guide it on the next phase of growth in the social business software market. I can’t help but wonder if its interests won’t butt up against those of Google’s or Facebook’s in the future – especially Google.

Google is very focused on both getting into the enterprise and improving its social strategy. For Facebook, it seems like a logical step in the future as its interests continue to overlap more and more with those of Google.

McAfee will maintain its own brand, and the first "fruits" of the partnership will hit the market later this year, the companies said. 

"In the past, energy-efficient performance and Internet connectivity have defined computing requirements,” said Renée James, Intel senior vice president, and general manager. "Intel has added security as a third pillar of what people demand from their experiences with personal computers and other connected devices. Security challenges put the future potential of computing at risk. The acquisition of McAfee adds not only world-leading security products and technologies to Intel’s computing portfolio, but also brings incredibly talented people focused on delivering products and services that help make connecting to the mobile Internet safer and more secure."

Pat Clawson, CEO of endpoint security provider Lumension reached out to us with some thoughts on the acquisition and its effect on the industry, after it was first announced.

"Intel’s acquisition of McAfee will not only fundamentally change the security landscape, it will have a ripple affect throughout industry. With this acquisition Intel is addressing areas that we really need to get better at protecting – smart phones, televisions, medical technology and cash machines. Short term, it gives Intel a competitive advantage but will no doubt make other chip manufacturers, like AMD, consider whether they need to mirror the acquisition."

McAfee is now a wholly-owned subsidiary of Intel, and reports into Intel’s Software and Services Group. McAfee had experienced McAfee, which has experienced double-digit year-over-year growth when Intel first announced the acquisition. 

The security firm said in a statement, "The list comprises 2010′s most buzzed about platforms and services, including Google’s Android, Apple’s iPhone, foursquare, Google TV and the Mac OS X platform, which are all expected to become major targets for cybercriminals."

URL shorteners, botnets, and social engineering practices may represent growing threats, as well.

Vincent Weafer, the senior vice president of McAfee Labs, reasoned, "We’ve seen significant advancements in device and social network adoption, placing a bulls-eye on the platforms and services users are embracing the most.  These platforms and services have become very popular in a short amount of time, and we’re already seeing a significant increase in vulnerabilities, attacks and data loss."

Then one other thing worth mentioning: due to the example set by WikiLeaks, McAfee thinks politically motivated attacks will become more common.  We’ll just leave it to you to decide whether that’s more of a good or bad thing.

Additional information from McAfee is available here if you’re interested.

Pat Clawson, CEO of endpoint security provider Lumension reached out to us with some thoughts on the acquisition and its effect on the industry.

"Intel’s acquisition of McAfee will not only fundamentally change the security landscape, it will have a ripple affect throughout industry. With this acquisition Intel is addressing areas that we really need to get better at protecting – smart phones, televisions, medical technology and cash machines. Short term, it gives Intel a competitive advantage but will no doubt make other chip manufacturers, like AMD, consider whether they need to mirror the acquisition."

"For the security industry, it makes the top layer of the security stack – such as Symantec – obvious acquisitions target not only for chip manufacturers but also hardware providers, such as mobile device manufacturers.  On the flip side, it could leave a waste land of security companies as mid-sized security companies see a diminishing number of prospective acquirers."

McAfee, which has experienced double-digit year-over-year growth, will become a wholly-owned subsidiary of Intel.

Is Symantec next?

McAfee says searching for the latest Cameron Diaz pictures and downloads leads to a ten percent chance of visiting a website that has threats, such as spyware, adware, spam, phishing, viruses and other malware.

"This year, the search results for celebrities are safer than they’ve been in previous years, but there are still dangers when searching online," said Dave Marcus, security researcher for McAfee Labs.

"Consumers are getting smarter about searching online, yet cybercriminals are getting sneakier in their techniques. Now they’re hiding malicious content in ‘tiny’ places like shortened URLs that can spread virally in social networking sites and Twitter, instead of on websites and downloads."

Other dangerous celebrities to search for are Julia Roberts, Jessica Biel, Gisele Bndchen, Brad Pitt, Adriana Lima, Jennifer Love Hewitt, Heidi Klum, Tom Cruise, and Anna Paquin.

"Cybercriminals follow the same hot topics as consumers, and create traps based on the latest trends," said Marcus.

"Whether you’re surfing the Web from your computer or your phone or clicking on links in Twitter about your favorite celeb, you should surf safely, and make sure you’re using the latest security software."

McAfee says searching for the latest Cameron Diaz pictures and downloads leads to a ten percent chance of visiting a website that has threats, such as spyware, adware, spam, phishing, viruses and other malware.

"This year, the search results for celebrities are safer than they’ve been in previous years, but there are still dangers when searching online," said Dave Marcus, security researcher for McAfee Labs.

"Consumers are getting smarter about searching online, yet cybercriminals are getting sneakier in their techniques. Now they’re hiding malicious content in ‘tiny’ places like shortened URLs that can spread virally in social networking sites and Twitter, instead of on websites and downloads."

Other dangerous celebrities to search for are Julia Roberts, Jessica Biel, Gisele Bndchen, Brad Pitt, Adriana Lima, Jennifer Love Hewitt, Heidi Klum, Tom Cruise, and Anna Paquin.

"Cybercriminals follow the same hot topics as consumers, and create traps based on the latest trends," said Marcus.

"Whether you’re surfing the Web from your computer or your phone or clicking on links in Twitter about your favorite celeb, you should surf safely, and make sure you’re using the latest security software."