Information security: Top Risks Report

A new bi-annual report from security experts TippingPoint, SANS Institute and Qualys highlights the most significant information security attacks over the last six months, as well as the vulnerabilities these attacks exploit and how they can harm businesses.

The report shows that many businesses are still extremely vulnerable to security attacks that can damage brand reputations and business operations. It helps businesses to review their defenses and ensure networks are up to date and able to quickly respond to today's emerging attacks.

Security attacks are growing in quantity and frequency, as well as becoming more damaging to business operations. With so many different types of security attacks targeting the enterprise, it is becoming difficult for organizations to see which threats pose the greatest risk. This report uses current data from appliances and software in thousands of targeted organizations to provide an accurate view of the attacks and the vulnerabilities they exploit.

Key findings of the Top Risks Report include:

- Unpatched popular client-side applications put businesses at risk for data theft: PC applications often remain unpatched, leaving these machines open to compromise and to being used to propagate attacks and compromise internal computers. This leaves a window open for hackers to steal critical data, impact network performance and affect business continuity. Examples of these applications include Adobe Acrobat Reader, Microsoft Office and Apple QuickTime.

- The number of Web application attacks is increasing, elevating the threat posed by previously trusted Web sites: Web applications comprise more than 60 percent of the total attack attempts occurring on the Internet. These vulnerabilities are being exploited widely to convert trusted Web sites into malicious servers serving client-side exploits.

- Operating system vulnerabilities are decreasing, but still pose a significant threat to an organization's security resources: Operating systems (OS) have a lower number of vulnerabilities that can be remotely exploited to become massive Internet worms. The Conficker/Downadup worm is the exception and represents a major hole in many organizations' security strategy. Attacks on Microsoft operating systems were dominated by Conficker/Downadup worm variants. For the past six months, over 90 percent of the attacks recorded for Microsoft targeted the buffer overflow vulnerability described in the Microsoft Security Bulletin MS08-067.

- A growing number of vulnerability researchers is causing a backlog of unpatched software and a greater risk that these will be exploited. The number of people discovering zero day vulnerabilities is growing fast, yielding a growing number of vulnerabilities that remain unpatched -- some for as long as two years. This lag time in patching increases the chance of hackers creating exploits targeting those vulnerabilities.

Interested parties can download the full report at http://www.sans.org/top-cyber-security-risks/

• Date: 16th Sept 2009 • Region: US/World • Type: Article • Topic: ISM news
Copyright 2010 Portal Publishing Ltd