AOH :: ISN-3276.HTM

Zero day attacks rise to top of SANS Top 20

Zero day attacks rise to top of SANS Top 20
Zero day attacks rise to top of SANS Top 20


http://www.techworld.com/security/news/index.cfm?newsID=7355 

By John E. Dunn
Techworld
15 November 2006

The respected SANS Institute has identified the sudden rise in zero day 
attacks as the most important threat trend in its 2006 Top Twenty 
Vulnerabilities [1] list.

In the last year or so, the zero day attack had gone from a phenomenon 
talked about in the abstract to something that was now a regular 
occurrence in everyday applications, the organisation said.

Such vulnerabilities in Microsoft Office had tripled from last year , 
with 45 serious or critical vulnerabilities 9 of which were zero day 
attacks - discovered in the suite.

Overwhelmingly, the attacks originated in China, which the report says 
could be down to the wide availability of source code without normal 
copyright restrictions or effective policing in that locale.

If previous years lists featured a conventionally dry list of security 
holes, this years announcement makes clear that computer security has 
grown into a global megatrend of significance beyond the computing 
world.

As well as attempting to exploit security vulnerabilities for extortion 
of information theft, criminals are also actively targeting military and 
other public systems in countries such as the US, the UK and Canada, the 
organisation said.

The report identifies a number of specific trends beyond the targeting 
of Microsoft, including a rise in sophisticated targeted attacks, and 
the exploitation of VoIP in a way that could lead to a crash of the 
conventional PSTN on which so many third-party systems depend. Web-based 
attacks on databases, using such hacks as SQL injection, have also 
risen.

The organisation has even had to give its report a new name to better 
underline the nature of the problem. From now on the Top 20 Security 
Vulnerabilities list will be known by the more menacing title of the Top 
20 Internet Attack Targets so as to better explain the nature of the 
threats now faced.

The SANS Report has acquired a degree of credibility because it 
identifies specific threats in detail and is seen as just about the only 
multi-party analysis of threats from one year to the next. In addition 
to SANS staff, contributors to this years report included Gerhard 
Eschelbeck, now of Webroot, Amol Sarwate of Qualys, and Rohit Dhamankar 
of 3Com TippingPoint.

[1] http://www.sans.org/top20/ 


_________________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn

Site design & layout copyright © 1986- CodeGods