2010 Top Cyber Security Risks Report
Full Title of Reference
2010 Top Cyber Security Risks Report
Full Citation
HP TippingPoint DVLabs, 2010 Top Cyber Security Risks Reports (2010). Online Paper. Web
Categorization
- Resource by Type: Industry Reports
- Issues: Cybercrime
- Approaches: Technology
Key Words
Antivirus, Botnet, Cyber Crime, DDoS Attack, Malware, Patching, SPAM, Trojan, Worm, Zero-Day Exploit
Synopsis
In 2010, information security threats are striking networks with more sophisticated techniques than ever and exploit reports continue to dominate the media. The collective findings described within this report establish the fact that the proliferation of technology, along with the quick and effortless manner in which that technology is accessed, is dramatically and negatively impacting security. While we are not advocates for making technology more difficult, we do advocate implementing common sense security policies and technologies that battle well-known and new threats. This report evaluates some of the most significant security liabilities that the enterprise is facing today. The report focuses on four key areas:
- Increased Consumerization of Enterprise Computing
- Prolonged and Persistent Targeting of Web Applications
- Increased Organization and Sophistication of Attackers
- The Unrelenting Presence of Legacy Threats
In addition to explaining how and where the enterprise is vulnerable, the report provides insights into how organizations can protect themselves from attack, including what the next generation of computing should look like to maximize security for the corporate network.
Increased Consumerization of Enterprise Computing
Some of the most serious information security issues the research team has seen this year stem from the increasingly high use of consumer technologies within the enterprise. For example, there are several thousand organizations that utilize Facebook, Twitter, WordPress, and iTunes for promotion and brand awareness. While these technologies may offer a wealth of marketing recognition, they also open the door to a multitude of security risks. Another trend impacting enterprise IT department is an “anything goes” mentality that allows users to download and manage applications and programs of their choosing. While some of these applications may be fine, and may even boost productivity, an overwhelming majority of them are a significant liability to corporate networks.
Web Applications continue to be highly attractive targets
The team highlighted the risks of running Web applications in last year’s Threat Report. Our current research indicates that Web applications continue to pose one of the biggest risks to corporate networks. Web applications offer an easy way for organizations to create an interactive relationship between constituents such as customers, employees, and partners, and their back-end systems. Because Web application systems are relatively easy to build and offer inexpensive extensibility, they yield a great deal of value and functionality. Because of this, the number of Web applications continues to steadily grow.
Attackers are more organized and sophisticated
One of the more alarming trends observed in the previous six months is the increased sophistication of attacks. Attackers have not only become more organized, they are also increasingly subversive and inconspicuous in the way they execute their attacks. The attacks are so sophisticated and subtle that few victims realize they are under attack until it is too late. It is increasingly common to hear of attackers remaining inside a compromised organization for months, gathering information with which they design and build even more sophisticated attacks. Once the desired information is obtained, the attackers launch exploits that are both more devastating and more covert.
Attack sophistication has increased across the board, from client side-attacks such as malicious JavaScript, to server-side attacks like PHP file include. This report includes examples of real-world attack techniques employed by these increasingly sophisticated attackers
Legacy attacks still a threat
Despite the rising sophistication of attacks, it is still worth highlighting that over the sample period of this report, the number of attacks from well-known legacy threats continues to plague computer systems. While many of these attacks are well understood and well protected against, it is not unheard of to see large organizations as the source of some of these attacks, indicating that when large organizations implement new systems without threat management controls, the systems are quickly infected with familiar threats. While this is an extreme example, it highlights the need for continued diligence against well-known threats, ideally addressing them with strong patch and configuration management policies.
Additional Notes and Highlights
Expertise Required: Technology - Moderate
While the sections of the report which explain in detail how attackers hide exploits in seemingly innocuous code require some technical expertise, there is a very clear explanation of how such an exploit is downloaded and executed on a victim's computer within the corporate firewall that requires no special expertise to understand. See page 27.