
Hack attacks shift to applications

OUT-LAW News, 23/11/2005

Internet criminals are changing the focus of their attacks from operating systems and internet services to application programs such as back-up or database software, according to the latest research from the SANS Institute.

SANS stands for SysAdmin, Audit, Network, Security. The Institute, based in Maryland, is a leading source for information security training and certification, and yesterday it released its list of the world’s top 20 most critical security vulnerabilities, warning that there had been a significant shift in cyber attack targets.

For the previous five years, said the Institute, the majority of attacks targeted operating systems like UNIX and Windows and internet services like web servers and mail systems.

In 2005, however, a new wave of attacks concentrated on application programs – most noticeably back-up and recovery tools and the anti-virus and other security tools that most organisations think are keeping them safe from attacks and from loss of data. Now many of those systems have been shown to have critical vulnerabilities.

A second important shift revealed by the SANS Top 20 is a public recognition of the critical vulnerabilities that are found in network devices such as routers and switches, which form the backbone of the internet.

Network devices often have on-board operating systems and can be programmed just like computers. Compromises of network devices can provide attackers with one of the most fruitful platforms for eavesdropping and launching targeted attacks.

Such targeted attacks have increased dramatically, as seen in June this year when the UK’s National Infrastructure Security Co-Ordination Centre issued a public advisory describing a series of targeted attacks against the UK central government and commercial organisations “for the purpose of gathering and transmitting otherwise privileged information.”

The UK advisory pointed to email-borne attacks, but equally devastating attacks are being carried out against US government and military-contractor sites using vulnerabilities like those reported in the SANS Top 20, warned the Institute.

 

Disclaimer: This was printed from OUT-LAW.COM, a service of international law firm Pinsent Masons. We hope you find this content useful. However, please note that nothing in this document constitutes specific legal advice. You should consult a suitably qualified lawyer on any specific legal problem or matter. Any questions, please email info@out-law.com.