Threat of Online Security: How Safe Is Our Data?

 

How Safe is Our Data?

 

 

  

 

 

Security statistics showed that:

55% of online users have been infected with spyware

    55% of online users said they had been infected with spyware, and 82% believed it posed a threat to online privacy, according to Bigfoot Interactive

Only 7% of companies officially run Service Pack 2

    AssetMetrix Research Labs released the results of a survey of 251 North American companies, measuring the adoption of Windows XP Service Pack 2. Only 7% of companies had actively embraced Windows XP Service Pack 2, according to the New York Times.

Instant messaging security threats doubling every 6 months

    Gartner predicted that by the end of 2005, instant messaging will surpass e-mail as the primary way people interact electronically. The Radicati Group says that “more than 85% of all enterprises report using instant messaging for business”. Symantec claims that instant messengers and peer-to-peer applications were used in 7 of the top 10 Internet threats in 2004, with IM security threats growing at 100% every six months.

Spyware to reach 25% of business PCs

    Forrester Research predicts spyware infection levels will reach 25% in 12 months, prompting 65% of companies surveyed to say they will invest in anti-spyware tools and upgrades this year. Some 80% of companies surveyed have already deployed specialized tools to deal with the problem.

 

The above graph shows the percentage of daily queries that contain at least one search result labeled as harmful. In the past few months, more than 1% of all search results contained at least one result that we believe to point to malicious content and the trend seems to be increasing.

 

 

 

 

Threat of Online Security

 

 

 

Most security threats are made by attackers using a relatively small number of vulnerabilities. Attackers, being relatively opportunistic, take the path of least resistance, and continue to take advantage of these most common failures, rather than seeking out new exploits or taking advantage of more difficult ones. Fortunately, in many cases, their predictability makes it easier to prevent attack by following a few simple rules:

 

• Apply regular updates and patches as they become available.
• Employ security software and hardware such as firewalls and authentication servers.
• Do not use default passwords and other values that are provided with your software.

 

According to the SANS Institute (SysAdmin, Audit, Network, Security Institute), the top ten threats are:

 

• Web servers and services. Default HTTP (Web) servers have had several vulnerabilities, and numerous patches have been issued over the past several years. Make sure all your patches are up to date, and do not use default configurations or default demonstration applications. These vulnerabilities may lead to denial-of-service attacks and other types of threats.
• Workstation service. An attacker can obtain full control over a computer by compromising the Windows Workstation service, which is normally used to route user requests.
• Windows remote access services. A variety of remote access methods are included by default on most systems. These systems can be very useful, but also very dangerous, and an attacker with the right tools can easily gain control over a host.
• Microsoft SQL Server (MSSQL). Several vulnerabilities exist in MSSQL that could allow an attacker to gain information from a database or compromise the server. In addition to applying all the latest patches, enabling SQL Server Authentication Logging and securing the server at both the network and system level will prevent most of these attacks.
• Windows authentication. Most Windows systems use passwords, but passwords can be easily guessed or stolen. Creating stronger, more difficult to guess passwords, not using default passwords, and following a recommended password policy will prevent password attacks.
• Web browsers. Your window to the Internet, a Web browser contains many vulnerabilities. Common exploits may include disclosure of “cookies” with personal information, the execution of rogue code that could compromise a system, and exposure of locally-stored files. Configuring the browser’s security settings for a setting higher than the default value will prevent most Web browser attacks.
• File sharing applications. Peer-to-peer (P2P) programs are commonly used to share files. In a P2P system, computers are open to others in the P2P network to allow for all participants to search for and download files from one another. Many corporations forbid use of P2P networks because of the obvious risk of compromised data.
• LSAS exposures. The Windows Local Security Authority Subsystem (LSAS) has a critical buffer overflow that can be exploited by an attacker to gain control over the system. Again, proper configuration and application of patches will prevent most exploits.
• Mail client.  Attackers can use the mail client on a computer to spread worms or viruses, by including them as attachments in emails. Configuring the mail server appropriately, and blocking attachments such as .exe or .vbs files, will prevent most mail client attacks.
• Instant messaging.  Many corporations also block employees from using instant messaging, not only because of the technical threats but also because of the possibility of lost productivity. Configuring IM properly, applying all the latest patches, and taking control over any file transfers that occur over IM will prevent most attacks.

 

Related Link(s):

• http://www.esafe.com/csrt/security-statistics.aspx
• http://www.cnn.com/2005/TECH/internet/09/26/identity.hacker/index.html

 

Prepared by Lim Xin Ying