[ISN] Too many UK businesses exposed to hackers

From: InfoSec News (isnat_private)
Date: Thu May 01 2003 - 00:59:11 PDT


    http://www.vnunet.com/News/1140544
    
    By Andy McCue 
    [29-04-2003]
    
    Survey finds high-risk vulnerabilities down but low-risk ones on the
    rise.
    
    A third of UK businesses are leaving themselves exposed to hackers by
    failing to crack down on medium and low-level security flaws,
    according to the results of a network monitoring survey.
    
    The fifth annual Security Audit survey by consultant NTA Monitor found
    that, despite tackling major security vulnerabilities, UK companies
    are failing to address smaller flaws.
    
    The audit examined data from more than 600 regular network perimeter
    security tests carried out by the company at client sites during 2002.  
    One-third of corporate networks tested were found to have at least 10
    flaws.
    
    "A third of companies we examined were guilty of bad security
    housekeeping, with unacceptably high levels of basic flaws found," said
    Roy Hills, technical director at NTA Monitor, in the report.
    
    "Although corporates are clearly prioritising security vulnerabilities
    and addressing high-profile issues, this is at the expense of a much
    larger number of lower-profile vulnerabilities, which are being
    ignored.
    
    "The net result is that corporate networks remain exposed to external
    attack."
    
    Just six per cent of businesses had a high-risk vulnerability which
    could allow hackers to access and take control of computer systems -
    down from 19 per cent the previous year.
    
    But medium-profile vulnerabilities were found in 73 per cent of tests,
    and low-profile vulnerabilities were found in every test instance.
    
    Vulnerabilities in router and firewall systems remain at an
    "unreasonably" high level, often because they are installed with a
    standardised configuration geared towards functionality and up-time,
    said the survey.
    
    Medium-risk issues allow external users to disrupt services or
    internal users to gain unauthorised access to systems, and a low-risk
    issue provides information that could be useful to a hacker in
    attempting an external attack, according to NTA Monitor.
    
    The survey found that the main low-level flaws causing problems are
    DNS vulnerabilities, which have risen from 70 per cent in 2000 to 83
    per cent last year.
    
    The DNS Zone Transfer vulnerability enables hackers to gain a
    company's DNS data, such as network names and addresses, which can be
    utilised in malicious attacks.
    
    Server-related vulnerabilities were the only area to show a fall
    during the five years of the survey, down to 73 per cent this year
    from 86 per cent last year. NTA Monitor put this down to the increased
    level of management attention devoted to websites.
    
    Users should focus on good security design and policy and then
    configure all systems according to that plan, advised NTA Monitor.
    
    
    