SANS sees upsurge in zero-day Web-based attacks
It's pretty much official now (in case you didn't believe it before): We have exited the Worm era, and jumped head first into the era of specialized and targeted attacks...
According to a recent article by ComputerWorld, SANS security organization sees upsurge in zero-day Web-based attacks. The following excerpt from the article sums it all up.
If major attack trends this year are any indication, security administrators looking to prioritize their tasks for 2007 would do well to focus on fighting highly targeted attacks and protecting their Web and Microsoft Office application environments. A report released by the SANS Institute today showed a sharp increase in attacks on all three fronts this year, along with a surge in zero-day attacks and security threats associated with the use of voice over IP.
The trends were highlighted in SANS's annual update to its list of top 20 Internet security vulnerabilities, which reflects the consensus opinions of more than three dozen security researchers and agencies, including the U.S. CERT and the Department of Homeland Security. The attack trends suggest a continued shift away from the "noisy," attention-grabbing virus and worm attacks of the past to more covert attacks via Trojans and other malware, Alan Paller, director of research at SANS, said this morning at a news conference where the list was announced.
This means that if your Information Security Strategy needs to be very different for the new year, if you've been following 2005-era approaches to InfoSec.
Let the games begin...
About Logik!
Andrew S. Baker aka ASB aka Logik!
Andrew is an accomplished, hands-on executive with broad technology expertise and proven track record of generating sustainable business results through implementation of effective processes and controls, design and deployment of superior technology infrastructure, and strategic and tactical leadership of IT teams.
He regularly provides thought leadership on business and technology issues via mailing lists, technical forums, blogs, professional networking groups, as well as contributions to podcasts, webinars, and technical/business magazine articles. Additionally, Andrew holds active roles on several boards and committees for non-profit organizations, and within the Seventh-day Adventist church.
His personal interests include Astronomy, Basketball, Bible Study, Chess, Comics, Computers,
Family Life Ministries, Reading, Strategy/Role Playing games, and Professional Networking...
A condensed version of
Andrew's current resume is available here.