[ISN] Security Pros Are Focused on the Wrong Threats

From: InfoSec News <alerts_at_private>
Date: Wed, 16 Sep 2009 00:32:27 -0500 (CDT)

By Riva Richmond
New York Times
September 15, 2009

Corporate information technology departments are prioritizing the wrong 
threats to their computer systems, focusing on old problems and leaving 
their companies open to a raft of new cyberattacks aiming at private 
customer and corporate information.

That is the finding of a new biannual report from the SANS Institute, a 
training organization for computer security professionals, whose senior 
staff weighed two sets of data that have not been rigorously compared to 
date: data on the most common attacks hitting corporate networks and 
data on which vulnerabilities are most prevalent on company networks. 
TippingPoint, an intrusion-prevention technology company, provided the 
attack data, collected during its defense of 6,000 organizations during 
the first six months of the year, while Qualys, a vulnerability 
management company, provided data on the most common security holes 
based on its analysis of nine million customer computers.

Looking at the two sets of data together revealed immense shifts in what 
is getting the attention of today's hackers. "The bottom line: Two 
cyber-risks dwarf all others, and users are not effectively mitigating 
them - preferring to invest in mitigating less critical risks," said 
Alan Paller, director of research at SANS.

The less critical risks are flaws in the Windows operating system. While 
these bugs were the No. 1 problem for everyone on the Internet not long 
ago, times have changed. Thanks to significant security improvements by 
Microsoft, automated tools for applying its patches and generally good 
habits within organizations, the operating system is now much harder to 
hit. As such, hacker interest has waned. Only one major worm, Conficker, 
circulated in the first half of the year. Attacks on the operating 
system accounted for only about 30 percent of the total volume of attack 
activity on the Internet, and, thanks to patching, probably weren.t very 
successful, says Rohit Dhamankar, director of TippingPoint's DVLabs.


Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
Received on Tue Sep 15 2009 - 22:32:27 PDT

This archive was generated by hypermail 2.2.0 : Tue Sep 15 2009 - 22:38:58 PDT