HP has published its 2010 Top Cyber Security Risks Report, identifying a significant increase in the volume of organized cybercrime targeting data centres and networks, which can lead to financial and data loss.
While there were more attacks recorded in 2010, the number of discovered vulnerabilities remained relatively stable, but high. The new report indicates that while the majority of attacks are against known and patched security vulnerabilities, many high-profile attacks use new vulnerabilities before vendors issue fixes.
To combat both types of attacks, businesses and governments can reduce risk with improved security practices, such as keeping their security systems up to date and leveraging the research of the HP Digital Vaccine Labs’ (DVLabs) Zero Day Initiative.
The new report by HP DVLabs builds on the midyear report published by HP in 2010. The purpose of the reports is to provide vital information to organizations that will enable them to implement security policies that protect their IT assets. The new report helps advance the security of the HP Converged Infrastructure portfolio, which integrates data center technologies to simplify IT environments, resulting in improved flexibility, scalability and total cost of ownership.
A key finding in the new report is the dramatic increase of web exploit toolkits. These “packaged” attack frameworks are traded online, enabling attackers to access enterprise IT systems and steal sensitive data. According to the report, web exploit toolkits are rapidly growing as the weapon of choice by attackers due to ease of use and high success rate.
Web application vulnerabilities represent half of all security vulnerabilities and continue to plague enterprises, according to the data generated by HP WebInspect, an HP Fortify product. The report identifies third-party plug-ins to content management systems as a leading cause of web application vulnerabilities. Blog-hosting and online discussion forum applications, such as Wordpress, Joomla and Drupal, are among the most frequently attacked systems.
“We’ve discovered that rather than investing resources to uncover new exploits, attackers are focused on current, unpatched vulnerabilities in web applications, social networking sites and Web 2.0 interfaces,” said Mike Dausin, manager, Advanced Security Intelligence, HP DVLabs. “HP TippingPoint, ArcSight and Fortify security solutions, coupled with HP’s experience in IT management and application life cycle management, offer clients protection from the latest attacks threatening to disrupt business continuity.”
HP DVLabs is a premier research organization for vulnerability analysis and discovery. It ensures clients have pre-emptive protection for vulnerabilities and zero-day attacks. The group applies cutting-edge engineering, reverse engineering and critical analysis to create comprehensive security filters that are automatically delivered to clients’ intrusion prevention systems through the Digital Vaccine® service.
HP analyzed event data from thousands of deployed HP TippingPoint Intrusion Prevention Systems (IPS). Event data refers to the information collected when a security exploit triggers a filter in the HP TippingPoint IPS.
The following sources also contributed to the report:
* HP WebInspect software, which provides the next generation in web application security testing and assessment for complex web applications;
* The Zero Day Initiative, a research program managed by HP DVLabs that is designed to improve security by identifying software flaws leading to cyberattacks and security breaches; and
* Open Source Vulnerability Database, an independent and open source database created by and for the security vulnerabilities community.
Enterprise security is essential to the Instant-On Enterprise. In a world of continuous connectivity, the Instant-On Enterprise embeds technology in everything it does to serve customers, employees, partners and citizens with whatever they need, instantly.