Friday | 10 July, 2009
CSO
The 10 Most Common Internal Security Threats
Who’s gaining access to your internal network? New criminal tactics and new kinds of malware are probing networks for vulnerabilities — and increasingly, finding them. We identify the top candidates for security breaches inside your own company
Rick Cook (CIO) 05/07/2007 10:09:09
Page:

3.Antivirus Problems. About 1.2 percent of the computers in the Promisec survey had problems with their antivirus software, usually in the form of out-of-date signature files.

With the major antivirus vendors releasing between 1200 and 2400 updates per week (a more accurate figure than the number of new viruses, even though the numbers of viruses and updates don't match), it's important to keep protection current. This is particularly true because one infection strategy used by malware authors is to infect as many computers as possible in the shortest possible time before the protectors can respond. For example, on July 19, 2001, the Code Red worm infected 359,000 computers in 14 hours.

Ironically, Code Red attacked a vulnerability in Windows that had been patched more than two years earlier.

4.Outdated Microsoft Service Packs. Running Windows without the latest updates is another major problem. About 1.5 percent of the surveyed computers had failed to update the operating system to the most current service pack.

Keeping your software current is Basic Security 101 and every company tries to do it, most commonly by doing automatic updates.

However, it's a big job to cover every desktop in the company, not to mention the laptops, PDAs and mobile phones that connect to the network. Stuff slips through the cracks, and again, it takes only one endpoint with a known security flaw to compromise the entire network.

Windows service packs are a special problem, because some software inevitably has problems with them. In the case of Service Pack 2, Microsoft acknowledged that 50 major applications initially wouldn't run with it, primarily because SP2 turned on the firewall by default. It usually takes weeks or months after Microsoft releases a service pack before all the vendors are singing off the same page.

If your users need software that stops working when a new service pack comes out, a common solution is to "temporarily" forgo installing the service pack until the software company catches up. That means going back through later and checking that those systems are updated when it becomes possible - if you remember.

Page:
More about Gartner, Gartner Group, Sophos, Yankee Group, Exposure, Centennial Software, EndPoints, Bill, Microsoft, Kaspersky Lab

Comments

Post new comment

Login or register to link comments to your user profile, or you may also post a comment without being logged in.
The content of this field is kept private and will not be shown publicly.
Enter the fully qualified URL, eg. http://www.example.com/
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

Add to Google
Additional Resources
Newsletter Subscription
Sign up for our CSO Online newsletters!
RSS Feeds
Syndicate content
 
Get a job Careerone
Whitepaper


Read Whitepaper

5 steps to getting started with data loss prevention

Lost and leaked data from stolen laptops, compromised networks, and malware-infected client devices all affect Australian businesses. Read on to discover the five critical steps to prevent data loss within your organisation.

Sponsored Links