In the news last week were three interesting stories that offer clear indications that keeping an enterprise secure is becoming more difficult as services and exploits evolve. You can link to these stories by going to the SECURITY NEWS AND FEATURES section below.
If you read the story "Digital Monsters Unleashed at Monster.com," you'll learn that intruders have switched tactics. Instead of specifically targeting a single vulnerability, the trend has moved towards targeting a list of vulnerabilities on a specific platform. Like MPack, which I wrote about (at the URL below) back in June, the exploit foisted upon unsuspecting Monster.com visitors was packaged in an innocuous-looking ad on multiple pages and worked by determining the visitor's OS and browser type, then delivering corresponding exploit code.
The Monster.com exploit took advantage of one of the most dangerous weaknesses in security: the failure to install patches or new versions of various applications and subsystems. Because many Monster.com visitors' systems were not up to date, the attack was highly successful. So far, reports indicate that hundreds of thousands of people had all sorts of private information stolen. The stolen information is already being used to exploit even more people. The entire ordeal clearly points to the need to keep systems as up to date as possible at all times, because even users who are very security savvy and know how to avoid email scams and suspicious Web sites might still fall victim by simply opening an email message that appears legitimate or by landing on a well-known Web site.
In the second story, "Skype Taken Down By Its Own Doing," you'll learn how engineering oversights can readily lead to situations where a company's own developers take down the company's entire product infrastructure. Because the engineers at Skype didn't run through enough "what if" scenarios, the Skype VoIP peer-to-peer (P2P) network was rendered mostly useless for a significant amount of time. Skype's entire existence and income flow are based upon its P2P network. So if that network fails, the company is at risk of failing as an enterprise.
This particular incident points out that security is not just for security administrators and end users, and that secure software development must include an analysis of any and all potential points of failure--otherwise a company might unwittingly wind up instigating a Denial of Service (DoS) attack against itself.
The third story, "China and US Tops in Malware Storage Sites?" ties into the first story. Cyveillance reports that servers in China and the US host more malware binaries than any other countries in the world. The company also reports that US-based Web sites are used more often than sites in any other country to launch malware attacks against unsuspecting users.
Even though intruders might be based overseas, they know full well that online activity is widespread and still growing rapidly in the US and that the rush to use the Internet has far outrun the population's general awareness of the dangers involved.
The figures from Cyveillance, which you can learn more about in the news story, clearly point out why those of you who work as security administrators in the US need to be far more diligent than your colleagues in other nations.
Digital Monsters Unleashed at Monster.com
Hundreds of thousands of people who went to Monster.com looking for jobs or new recruits got more than they bargained for when wily criminals used the site to silently install Trojans on unsuspecting users' computers.
Skype Taken Down by Its Own Doing
Millions of Skype users found themselves unable to connect to the VoIP network due to shortcomings in the company's P2P network management algorithm.
China and US Tops in Malware Storage Sites?
A new report from Cyveillance suggests that 60 percent of all malware binary storage sites are hosted in China or the United States--the two countries with the largest online populations.