Top Security News |
RSS Exposes Users to Attack
ZDNet reports from the Black Hat conference in Las Vegas that security experts are increasingly concerned about the potential for malicious attacks perpetrated through web feeds.
RFID Technology Vulnerable To Malware
RFID tags may become commonplace in the future, but not
a lot of people are looking forward to widespread implementation.
There was already concern that these "smart barcodes"
would allow consumers' habits to be more easily tracked,
and that the technology could...
NSA Eyes Social Networking Sites
It was revealed last month that the National Security Agency has been tracking the phone calls of millions...
Root Kit Hunter
I had a strange problem with one of my own RedHat machines the other day. Very simply, I couldn't su to root, and I couldn't even login at the console as root.
|
|
|
08.30.06
Study Claims Many Network Attacks Preventable
 By
David A. Utter
But the study commissioned by Phoenix Technologies found that the worst cases of damage to organizations impacted by a network attack came from computers where attackers logged into accounts with elevated privileges.
The study conducted by Trusted Strategies for Phoenix Technologies claimed 84 percent of the attacks it researched "could have been prevented if the identity of the computers connecting were checked in addition to user IDs and passwords."
In the analysis of Department of Justice prosecutions between March 1999 and February 2006, the study detailed some key findings in these cases. On a case-by-case basis, average damages came to over $3 million, with the worst attacks causing as much as $10 million in damages.
When attackers could pilfer valid usernames and passwords for a network, they were able to inflict the most financial loss and damages. Those cases showed losses of more than $1.5 million per occurrence.
The big damages came when attackers struck through machines authorized to perform particular tasks, and an elevated user or administrator account could be used from those machines.
Despite the major news coverage of some worm and virus outbreaks, the study said losses from attacks using stolen login credentials far exceeded the effects of such malware. The $10 million case involved stolen information, which the attacker used to delete the victim company's sophisticated manufacturing software programs.
Government led the list of industries affected by such attacks, and represented 23 percent of the cases considered in the study. Retail and High Tech followed at 22 and 20 percent respectively, while the financial industry figured in 16 percent of the cases.
The study encouraged the use of credentialing methods beyond the simple username and password combination that has been a de facto security method for years. Verification of the computer's identity would have helped greatly, as 78 percent of the attacks studied began at the attacker's home computer.
That is not a foolproof method, though, since an authorized user may be using VPN software to access a system from home. If they have malicious intent and a valid login to a network, only the most rigorous and frequent auditing of user activity would catch some attacks before they can cause damage.
readers in particular.
About the Author:
David Utter is a business and technology writer with WebProNews.
|
