IT Jobs         
     Advanced Search
Home News Enterprise Developer
Enterprise
 Enterprise News
 Mobility
 Networking
 Security
 Storage
 ERP
Enterprise Connect
SMB Forum
Magazines
  Dataquest
  PCQuest
  Voice&Data
  Global Services Media
  Living Digital
  DQ Channels
  DQ Week
CIOL Events
  EC Awards
  SMB Awards
About CIOL

Custom Site
  • Web Threat Protection from Trend Micro
  • HP IT Service Management

Specials
  Integration of IT Assets: reality check
  Security Solution for SMBs
white papers
Upcoming Events
Gartner 12th Annual IT Security Summit 2006
5-7 June 2006. Washington, DC
McAfee Security Grand Prix
18th-21st April, 2006, Mumbai, New Delhi and Bangalore (India)

20th, 25th-26th, April, 2006, Kuala Lumpur, Bangkok, Singapore
Enterprise > Security > Features
SW apps under security threat
Recent SANS report reflects a significant change in the pattern of online security attacks--from OS to e-mail servers the focus has now shifted to software applications.
Aparna Lal
Previous Articles >>
Have you locked your mobile data?
Security spasms at small firms?
Read more articles on:

NEW DELHI: A recent study conducted by the SANS Institute and government representatives from the United States and the United Kingdom has revealed significant change in the pattern of online security attacks. While earlier the main targets were operating systems and e-mail servers the focus is seen to be shifting to software applications. Said an online report.

At a press conference in London, the SANS Institute and government representatives from the United States and the United Kingdom plan to release a report on the 20 most critical Internet security vulnerabilities for 2005. Said the report.

For the first time the security institute has introduced a separate category for cross-platform applications to capture this change in trend.

The applications under attack include enterprise backup software, anti-virus software, PHP applications, database software, peer-to-peer file sharing software, DNS software, media player software, IM software, and Internet browsers, said the report.

Vulnerabilities in network operating systems that empower routers and switches on the Internet such as Cisco’s Internetwork Operating System (IOS), are also under threat, reflects the report.

According to Alan Paller, director of research for the SANS Institute, this change in trend has pushed the Internet security back by almost six years. Quoting him, "Six years ago, attackers targeted operating systems and the operating system vendors didn't do automated patching. In the intervening years, automated patching protected everyone from government to grandma. Now the attackers are targeting popular applications, and the vendors of those applications do not do automated patching."

Automating patching is not the ultimate solution says Ira Winkler, author of "Spies Among Us" and global security strategist with CSC Consulting. According to a study conducted by Department of Defense, 70% of attacks are against configurations, poor system hardening, where patching plays can play no role at all, added Ira.

Another area of concern is backed-up data, any vulnerability in the backup software can give an attacker full access to the critical corporate data.

To read about the Twenty Most Critical Internet Security Vulnerabilities, click here.
 
 
  Email this article   Print this article
Top Stories of the Day
Ericsson to host multimedia services for BSNL
Optical Components market registers negative growth
DoT to set up 3 Telecom CoE in 2007
Ericsson to host multimedia services for BSNL
Indyarocks.com, the new Social Networking Portal
 


IBM developerWorks
RSS Feeds | 10th Anniversary Special | Search | Opt-In Newsletters | Slide Show | White Papers | Custom Site
Specials | News Makers | Product News | Security | Storage | Open Source | Operating System | Tutorials
+ Worth a click +
PCQuest | Dataquest | Voice&Data | Living Digital | DQ Channels | DQ Week | Global Services Media | CyberMedia Events
Cyber Astro | CyberMedia Digital | CyberMedia Dice | CyberMedia | BioSpectrum | BioSpectrum Asia

About CIOL | Awards | Media Kit | Sitemap | Contact Us | Help | Write for CIOL | Jobs@CIOL | Privacy Policy
Copyright © CyberMedia India Online Ltd.