By John E. Dunn
15 November 2006
The respected SANS Institute has identified the sudden rise in zero day
attacks as the most important threat trend in its 2006 Top Twenty
Vulnerabilities list.
In the last year or so, the zero day attack had gone from a phenomenon
talked about in the abstract to something that was now a regular
occurrence in everyday applications, the organisation said.
Such vulnerabilities in Microsoft Office had tripled from last year,
with 45 serious or critical vulnerabilities - 9 of which were zero day
attacks - discovered in the suite.
Overwhelmingly, the attacks originated in China, which the report says
could be down to the wide availability of source code without normal
copyright restrictions or effective policing in that locale.
If previous years' lists featured a conventionally dry list of security
holes, this year's announcement makes clear that computer security has
grown into a global megatrend of significance beyond the computing
As well as attempting to exploit security vulnerabilities for extortion
or information theft, criminals are also actively targeting military and
other public systems in countries such as the US, the UK and Canada, the
The report identifies a number of specific trends beyond the targeting
of Microsoft, including a rise in sophisticated targeted attacks, and
the exploitation of VoIP in a way that could lead to a crash of the
conventional PSTN on which so many third-party systems depend. Web-based
attacks on databases, using such hacks as SQL injection, have also
The organisation has even had to give its report a new name to better
underline the nature of the problem. From now on the Top 20 Security
Vulnerabilities list will be known by the more menacing title of the Top
20 Internet Attack Targets so as to better explain the nature of the
threats now faced.
The SANS Report has acquired a degree of credibility because it
identifies specific threats in detail and is seen as just about the only
multi-party analysis of threats from one year to the next. In addition
to SANS staff, contributors to this year's report included Gerhard
Eschelbeck, now of Webroot, Amol Sarwate of Qualys, and Rohit Dhamankar
of 3Com TippingPoint.