HP Report: Cyber Attacks More Intense

Thursday, September 30, 2010 @ 08:09 AM gHale

With cyber attacks growing in sophistication, enterprises face a number of security risks by failing properly to protect their applications and networks, according to research from HP.
HP’s TippingPoint digital forensic labs conducted the “2010 Top Cyber Security Risks Report.”
“To mitigate network security risk, organizations need insight into the potential threats associated with using social media networking sites and web application downloads in a business environment,” said Mike Dausin, manager for advanced security intelligence at TippingPoint.
“By understanding the increased risk these applications pose to the corporate network, organizations can implement remediation strategies to ensure that business processes, as well as data, remain secure,” he said.
The report is partly based on information provided by Qualys and the SANS Internet Storm Centre, and warns the latest attacks are more sophisticated than ever.
“Our current research indicates that web applications continue to pose one of the biggest risks to corporate networks,” according to the report. It also warned that hackers are exploiting a confidence in applications to spread their wares.
The sophisticated malware can hide within an enterprise for long periods of time harvesting information without detection, according to the report.
Few victims realize they are under attack until it is too late, according to TippingPoint. It is more common to hear of attackers remaining inside a compromised organization for months, gathering information with which they design and build even more sophisticated attacks.
Once they gather the desired information, the attackers launch exploits that are more devastating and more covert, according to TippingPoint. Attack sophistication has increased across the board, from client-side attacks, such as malicious JavaScript, to server-side attacks.
Attacks are not as prevalent as they were in 2006, when the survey graphs show a huge peak, and only cross-site request forgery is not in decline since that period.
This sort of attack hides within an official web application such as a banking site, potentially resulting in monetary losses and exposing companies to fraud.
“This is a serious attack which is web site specific and is difficult to detect in a typical vulnerability scan,” according to the report. “Cross-site request forgery is noteworthy since there are certainly real world attacks that use this technique.”
The number of unpatched vulnerabilities in systems, meanwhile, has grown rapidly in the past five years, according to the report, which cited figures from TippingPoint’s Zero Day Initiative (ZDI) that rewards security researchers for disclosing vulnerabilities responsibly.

Leave a Reply

You must be logged in to post a comment.