Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Wednesday, November 23, 2005


Attackers don’t go after operating systems like they used to.  They’ve found bigger fish to fry in flawed applications like the average AV, database, IM or media player program.  They’re also paying more attention to flaws in the routers and switches that keep the Internet afloat and are successfully stealing data from government networks.  That’s the consensus among security experts who contributed to the SANS Institute’s Top 20 vulnerability list for 2005.  “The bottom line is that security has been set back nearly six years in the past 18 months,” SANS Institute Research Director Allan Paller said in an e-mail exchange.

“Six years ago attackers targeted operating systems and the operating system vendors didn’t do automated patching.  Now the attackers are targeting popular applications, and the vendors of those applications do not do automated patching. ”  During a press conference, Paller added, “These applications, other than AV, don’t have automated patching.”

In recent years, the institute said a majority of attacks targeted operating systems like UNIX and Windows and Internet services like Web servers and mail systems.

“The most noticeable set of applications targeted by attackers are the backup and recovery tools as well as antivirus and other security tools that most organizations think are keeping them safe from attacks and from loss of data,” the institute said.  These include backup software, antivirus software, database software and even media players.

During the Tuesday morning press conference, Dhamankar said the threats that worry him the most are those targeting the Web browsers and media players—including Microsoft Media Player and Macromedia Flash.  “The US-CERT received reports of important system compromises using vulnerabilities in backup products within a few days of the public disclosure of vulnerabilities in those products,” he said.

SANS said another worrying trend this year has been the fresh attention given to critical security holes in network devices like the routers and switches that keep traffic moving across the Internet.,289142,sid19_gci1148491,00.html

Posted on 11/23