In 2005 a new wave of attacks shifted focus from UNIX, Windows and Internet services and concentrated on application programs.
The SANS Top 20, produced since 2000, is the security experts' consensus on the most critical security vulnerabilities. These vulnerabilities are programming flaws in popular software packages that deserve immediate attention from security professionals, CIOs and auditors who must protect Internet-connected systems from widespread attacks.
The 2005 Top 20 reflects a significant shift from prior years in terms of cyber attack targets. For five years, the majority of attacks targeted operating systems like UNIX and Windows, and Internet services like web servers and mail systems. In 2005, however, a new wave of attacks concentrated on application programs.
The most noticeable set of applications targeted by attackers is the backup and recovery tools, along with the anti-virus and other security tools that most users assume are keeping them safe from attacks and from loss of data.
Many of those systems have now been shown to have critical vulnerabilities. Rohit Dhamankar, lead security architect at 3Com's TippingPoint division, said, "We are seeing a trend to exploit not only Windows, but other vendor programs installed on large numbers of systems. These include backup software, anti-virus software, database software and even media players. Flaws in these programs put critical national and corporate resources at risk, and have the potential to compromise the entire network."
A second important shift in the Top 20 is public recognition of the critical vulnerabilities found in network devices, such as the routers and switches that form the backbone of the Internet. Network devices often run on-board operating systems and can be programmed just like computers. Compromises of network devices can provide attackers with one of the most fruitful platforms for eavesdropping and for launching targeted attacks.
Dhamankar said, "Vulnerabilities on this list meet four requirements - they affect a large number of users, they have not been patched on a substantial number of systems, they allow computers to be controlled by a remote, unauthorized user, and sufficient details about the vulnerabilities have been posted to the Internet to enable attackers to exploit them."
In other words, they are the low-hanging fruit for nation states, terrorists and organized crime groups that want to steal sensitive information.