SANS sees upsurge in zero-day Web-based attacks
It's pretty much official now (in case you didn't believe it before): We have exited the Worm era, and jumped head first into the era of specialized and targeted attacks...
According to a recent article by ComputerWorld, SANS security organization sees upsurge in zero-day Web-based attacks. The following excerpt from the article sums it all up.
If major attack trends this year are any indication, security administrators looking to prioritize their tasks for 2007 would do well to focus on fighting highly targeted attacks and protecting their Web and Microsoft Office application environments. A report released by the SANS Institute today showed a sharp increase in attacks on all three fronts this year, along with a surge in zero-day attacks and security threats associated with the use of voice over IP.
The trends were highlighted in SANS's annual update to its list of top 20 Internet security vulnerabilities, which reflects the consensus opinions of more than three dozen security researchers and agencies, including the U.S. CERT and the Department of Homeland Security. The attack trends suggest a continued shift away from the "noisy," attention-grabbing virus and worm attacks of the past to more covert attacks via Trojans and other malware, Alan Paller, director of research at SANS, said this morning at a news conference where the list was announced.
This means that if your Information Security Strategy needs to be very different for the new year, if you've been following 2005-era approaches to InfoSec.
Let the games begin...
About Logik!
Andrew S. Baker aka ASB aka Logik!
Andrew is an accomplished, hands-on IT Executive with a solid track record of providing timely and cost-effective business solutions using technology. With over 16 years experience in Information Technology, he has proven to be effective both as a Team Leader and as an individual contributor in designing, deploying, securing and maintaining enterprise networks.
His personal interests include Astronomy, Basketball, Bible Study, Chess, Comics, Computers,
Family Life Ministries, Reading and Strategy/Role Playing games...
Some of his contributions include several whitepapers on technology and Information Security, the UltraTech Knowledgebase, various postings to technology mailing lists and forums, active participation on LinkedIn Answers, along with a number of interviews for articles published in industry magazines.
A condensed version of
Andrew's current resume is available here.