[ISN] Gartner: Attacks exploit user security indifference

From: InfoSec News (isnat_private)
Date: Sat May 04 2002 - 04:22:24 PDT

  • Next message: InfoSec News: "[ISN] Best Buy hit by WLAN snooping"

    http://www.nwfusion.com/news/2002/0502gartnersec.html
    
    By David Legard
    IDG News Service, 05/02/02
    
    The vast majority of successful attacks on computer systems exploit 
    security weaknesses which are well known and for which patches exist, 
    according to research company Gartner. 
    
    Many recent cyberattacks could have been avoided if enterprises were 
    more focused on their security efforts, but users seem not to learn 
    from their mistakes, according to Richard Mogull [cq], research 
    director for Gartner. 
    
    Patches were available to protect systems against the Code Red virus, 
    but had generally not been deployed, Mogull said. Worse, the Nimda 
    virus exploited exactly the same weakness a few months later and was 
    still able to cause havoc around the world. Combined losses from the 
    two incidents are estimated at running into billions of dollars, 
    largely due to user indifference, according to Mogull. 
    
    According to Gartner, the five top vulnerabilities to cyberattacks 
    include: 
    
    * Lack of risk management integration. 
    
    * Security not integrated into projects. 
    
    * Poor governance and culture. 
    
    * Weak security of suppliers and partners. 
    
    * No benchmarking on spending and value of security projects. 
    
    * To counter these vulnerabilities, users should take steps including: 
    
    Increasing the enterprise's overall security posture. 
    
    * Developing an internal response plan and aggressively monitor 
      Internet activity on all systems, especially firewall and 
      intrusion detection logs. 
    
    * Evaluating established security plans in light of recent events, and 
      update as needed. 
    
    * Form a cyberincident response team or contracting with an external 
      provider to evaluate systems." 
    
    Through 2005, 90% of cyberattacks will continue to exploit known
    security flaws for which a patch is available or a preventive measure
    known, Gartner said.
    
    During that time, 20% of enterprises will experience a serious
    Internet security incident - defined as one which is more than a virus
    attack. Of companies suffering incidents, the cleanup costs of the
    incident will exceed the prevention costs by 50%, Gartner said.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Sat May 04 2002 - 07:32:32 PDT