Security Market Segment LS
Wednesday, 25 September 2013 20:51

Security weaknesses exposed in global audit

By

A worldwide security audit of the global prevalence of unpatched vulnerabilities has concluded that even unsophisticated attacks on corporate networks can succeed without expensive zero-day exploits.

According to a joint report from Kaspersky and Outposts24 reveals that although the number of zero-day attacks is on the rise, cybercriminals still make extensive use of known vulnerabilities.

David Jacoby, Kaspersky Senior Security Researcher, Global Research & Analysis Team, says there is no need for cybercriminals to hack a corporate system, “they simply need to ‘hack’ the people that manage the system.”

According to the two companies, a common baseline is for all critical vulnerabilities to be resolved within three months, but the study, however, found 77% of the threats that passed the three-month deadline were still present a full year after being discovered.

The joint research team collected data on vulnerabilities dating back to 2010, and found systems that had been vulnerable for the past three years.

Jacoby said the unpatched vulnerabilities were considered critical due to the ease with which they could be exploited and the impact they could have. And, the study found some corporate systems had remained unpatched for a decade despite the fact that the companies were paying for a special service to monitor their security.  

After collecting the data with the Outpost24 team, Jacoby carried out a social engineering experiment to see how easy it was to insert a USB drive into computers at government institutions, privately owned companies, and hotels.

“What is really surprising is that the hotels and privately owned companies had greater awareness and security than the government organisations. The results are a wake-up call for those searching for tailored security solutions that cover the ‘threats of tomorrow’ – it highlighted that training your staff to be prudent is just as important.”

Outposts24 Chief Security Officer, Martin Jartelius said the security audit performed was relevant globally because the gap between the moment a vulnerability is detected and the moment it’s patched is almost uniform in every country.”

“Whether it’s exploiting poor security practices, misconfigured security devices or staff that lack security training, companies should understand that it is possible to gain control of most parts of the organisation, even though no new attacks or methods are used.

“It is therefore essential to shift the approach to security from stand-alone tools to integrated solutions as part of business processes,” Jartelius concluded.


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Peter Dinham

Peter Dinham - retired in 2020. He is a veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments