We use cookies and other similar technologies (Cookies) to enhance your experience and to provide you with relevant content and ads. By using our website, you are agreeing to the use of Cookies. You can change your settings at any time. Cookie Policy.

Twenty-Four Seven Security

ebizQ

Good and Bad Security News

user-pic
Vote 0 Votes

According to a new study by the Computer Security Institute, companies have clearly begun to feel the effects of two new types of attacks in the past year, those being targeted attacks and DNS vulnerabilities.

The Computer Security Institute will be releasing their 13th Annual Computer Crime and Security Survey in a webcast this Wednesday, Oct. 8, and the full report will be available after. In a preview of their findings they found that in a study of 500 enterprises the effects are clearly being felt of the two new types of attacks.

CSI Director Robert Richardson said he was struck by the fact that 27 percent of the respondents said they had been hit by a targeted attack this past year. A targeted attack is defined as an attack directed exclusively at the individual enterprise or a specific business group

"We've heard a lot of warnings from security researchers about targeted attacks, but what this data says to me is that these attacks are really happening," Richardson says. "They may have been hypothetical a few years ago, but these are a reality today."

The same is true for DNS vulnerabilities, where design flaws of the Internet's basic naming structure have been revealed, and therefore can't be easily repaired, and which have opened up a Pandora's box of exploits. 10 percent of the survey respondents reported DNS style attacks, up from 2 percent the previous year. "What's scary about that is that it's growing, yet the flaw is inherent in TCP/IP, and can't be easily patched," Richardson said.

So what's the good news? Numerous threats were down. Insider threats have returned to normal levels (about 42 to 48 percent), which makes one wonder if last years rise was simply due to hype. Also, laptop thefts, wireless abuse, and denial of service attacks were also all down, but this being security, not totally out.

Leave a comment

Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

Peter Schooff

Peter Schooff is Contributing Editor at ebizQ, and manager of the ebizQ Forum. Contact him at pschooff@techtarget.com

Recently Commented On

Monthly Archives

Blogs

ADVERTISEMENT