By Riva Richmond
New York Times
September 15, 2009
Corporate information technology departments are prioritizing the wrong
threats to their computer systems, focusing on old problems and leaving
their companies open to a raft of new cyberattacks aiming at private
customer and corporate information.
That is the finding of a new biannual report from the SANS Institute, a
training organization for computer security professionals, whose senior
staff weighed two sets of data that have not been rigorously compared to
date: data on the most common attacks hitting corporate networks and
data on which vulnerabilities are most prevalent on company networks.
TippingPoint, an intrusion-prevention technology company, provided the
attack data, collected during its defense of 6,000 organizations during
the first six months of the year, while Qualys, a vulnerability
management company, provided data on the most common security holes
based on its analysis of nine million customer computers.
Looking at the two sets of data together revealed immense shifts in what
is getting the attention of today's hackers. "The bottom line: Two
cyber-risks dwarf all others, and users are not effectively mitigating
them - preferring to invest in mitigating less critical risks," said
Alan Paller, director of research at SANS.
The less critical risks are flaws in the Windows operating system. While
these bugs were the No. 1 problem for everyone on the Internet not long
ago, times have changed. Thanks to significant security improvements by
Microsoft, automated tools for applying its patches and generally good
habits within organizations, the operating system is now much harder to
hit. As such, hacker interest has waned. Only one major worm, Conficker,
circulated in the first half of the year. Attacks on the operating
system accounted for only about 30 percent of the total volume of attack
activity on the Internet, and, thanks to patching, probably weren.t very
successful, says Rohit Dhamankar, director of TippingPoint's DVLabs.
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News