[ISN] Hackers target government holes

From: InfoSec News (isn@private)
Date: Mon Jun 14 2004 - 22:53:13 PDT

  • Next message: InfoSec News: "[ISN] New Linux Security Hole Found"

    By Brian Robinson 
    June 14, 2004 
    Global threats such as the Blaster and SQL Slammer worms batter
    government network defenses as much as those in the commercial arena,
    but attacks that actually penetrate the network are focused on
    perceived weaknesses in Web-based applications, according to a
    Symantec Corp. report.
    Based on an analysis of data produced in the last six months of 2003,
    Symantec officials believe the problem could be due to a greater use
    of file-sharing applications within government, as opposed to
    Globally, there is a bigger mixture of different kinds of attacks,
    according to Oliver Friedrichs, a senior manager at Symantec. In the
    last half of 2003, eight of the top 10 attacks on government were
    related to Web servers or Web-based applications.
    "It's the most dominant threat by far," Friedrichs said. "In contrast,
    threats such as those posed by the Blaster worm and others seem to be
    adequately blocked by [perimeter] firewall systems."
    Using data provided by sensors deployed throughout the government,
    Symantec officials concluded that TCP ports 6346 and 4662, which are
    typically used by peer-to-peer file-sharing networks, were targeted
    much more frequently by attacks against government systems than for
    other systems around the globe.
    That apparently means that attackers believe there are potentially
    vulnerable Web applications deployed in the government sector,
    Symantec officials said.
    There's been a constant evolution in such Web-based applications and
    technologies, Friedrichs said, but that also means they are that much
    more complex "so there's greater potential for more security
    That only points out the need to focus even more attention on the
    security needs of Web-based systems, he said.
    Brian Robinson is a freelance journalist based in Portland, Ore. He
    can be reached at hullite@private
    ISN mailing list
    Sponsored by: OSVDB.org - For 15 cents a day, you could help feed an InfoSec junkie!
    (Broke? Spend 15 minutes a day on the project!)

    This archive was generated by hypermail 2b30 : Tue Jun 15 2004 - 01:31:43 PDT