Top Security Threats Essay

Submitted By tpbuck92
Words: 735
Pages: 3
Open Document
Top Security Threats
ISS 317 Top Security Threats The report provided highlights dramatic increases in targeted attacks on enterprises, the continued growth of social networking sites that can be used as an attack distribution platform; and a profound change in attackers’ infection techniques which increasingly target vulnerabilities in Java to break into traditional computer systems. The report also explores how attackers are exhibiting a significant shift in focus toward growing mobile device platforms. Symantec noted over 3 billion malware attacks in 2010 with Stuxnet being the most notable trend. The attacks in this 2010 report there were the following five recurring themes. These themes are Targeted attacks, Social Networks, Zero-day vulnerabilities, rootkits, and Mobile Threats. Targeted attacks, such as Hydraq and Stuxnet, posed a growing threat to enterprises in 2010. To increase the likelihood of successful, undetected infiltration into the enterprise, an increasing number of these targeted attacks leveraged zero-day vulnerabilities to break into computer systems. Stuxnet and Hydraq teach future attackers that the easiest vulnerability to exploit is our trust of friends and colleagues. Stuxnet could not have breached its target without someone being given trusted access with a USB key. Meanwhile, Hydraq would not have been successful without convincing users that the links and attachments they received in an email were from a trusted source. Social network platforms continue to grow in popularity and this popularity has not surprisingly attracted a large volume of malware and attack potentials. One of the primary attack techniques used on social networking sites involved the use of shortened URLs. Under typical, legitimate, circumstances, these abbreviated URLs are used to efficiently share a link in an email or on a web page to an otherwise complicated web address. But the use of these shortened URLs, the report found that attackers used the news-feed capabilities provided by popular social networking sites to mass-distribute attacks. Typically an attacker logs into a compromised social networking account and posts a shortened link to a malicious website in the victim’s status area which then spreads out to contacts and their contacts etc. Once infiltration occurs at an organization, the targeted attack tries to avoid detection until its objective is met. Then exploiting zero-day vulnerabilities is one part of keeping an attack stealthy since these vulnerabilities enable the attackers to get malicious applications installed on a computer without the user’s knowledge. Zero-day vulnerabilities become everyday vulnerabilities via attack kits with some of the vulnerabilities used on Stuxnet as well as the other 6,253 new vulnerabilities discovered in 2010. Also these attack kit, or also known as attack toolkits, software programs that can be used by novices and experts alike to facilitate the launch of widespread attacks on networked computers, continued to see widespread use. These kits increasingly target vulnerabilities in the popular Java system, which accounted for 17 percent of all vulnerabilities affecting browser plug-ins in 2010. As a popular cross-browser,
Show More

Related Documents: Top Security Threats Essay

jesus juice Essay

In 2009, Symantec gathered data and discussed current trends, impending threats, and the continuing evolution of the internet threat landscape in 2009. In the Symantec global internet security threat report of 2009, the report stated that the United States was ranked number one in the world regarding malicious activity. Symantec listed the top five threats based on the data they gathered as Web based attacks, countries of origin for web based attacks, data breaches that could lead to identity theft…

Words 485 - Pages 2

Week 5 SecurityPlan assessment Essay

Graybackground-color transparent tr td stylepadding-left 3pxpadding-bottom 3pxpadding-top 3pxpadding-right 3pxbackground-color A0522Dfont-size 14pxcolor Whiteline-height 24pxwidth 50pxfont-family Trebuchet MS, ArialTitle/tdtd stylepadding-left 3pxpadding-bottom 3pxpadding-top 3pxpadding-right 3pxbackground-color ThreedLightShadowcolor 696969font-size 12pxline-height 18pxwidth 650pxfont-family Trebuchet MS, ArialWeek 5 Security Plan Assessment Test/td /tr /table br table styleborder 1px double Graybackground-color…

Words 1528 - Pages 7

week3 assignment Essay

Major Points The term “internal threat” is way more dangerous than we tend to accept. The internal threat could be something that is not even seen by the naked eye especially when we have all defenses down. Whenever this term is used, it is given to something that could cause extremely damage to us personally, professionally, and even national security. Understanding the dynamics of the insider threat is important to ensure that we allow employees that work for a corporation the ability to work…

Words 1020 - Pages 5

Information Security Essay

1. What is the difference between a threat agent and a threat? A threat agent is the facilitator of an attack however; a threat is a constant danger to an asset. 2. What is the difference between vulnerability and exposure? The differences are: vulnerability is a fault within the system, such as software package flaws, unlocked doors or an unprotected system port. It leaves things open to an attack or damage. Exposure is a single instance when a system is open to damage. Vulnerabilities can in…

Words 864 - Pages 4

Nt1310 Unit 3 Assignment 1

used by attacker who has physical access to the workstation. The attacker would use what is called a USB Dumper to transfer malicious software from a flash drive to the victim’s computer. The source of this is malicious agent and this is an internal threat because the employees are allowed to download and add software to the systems. Therefore, it is easy for them to use a USB Dumper to infect the system with malware. The likelihood is medium for this to happen, because the workstations are used by…

Words 866 - Pages 4

Nt1310 Unit 3 Assignment 1 Term Paper

is the difference between a threat agent and a threat? A threat agent is a specific person/entity that is a likely hazard to a system or that can administer a threat. For example: A particular successful hacker or a Melissa virus. On the other hand, a threat is a category of things that might be a potential danger to the system. For example: Viruses, hackers, worms and other malwares. Threat agent is a specific person or thing that conducts the action that is a threat to the system. 5. What are…

Words 581 - Pages 3

Nt1310 Unit 3 Assignment 1

Email Security : The spam and content filter is vital piece of security control to manage all email and internet content related security risks. 2. Cyber Security : We found that current antivirus solution is not having Endpoint Detection and Response capabilities. These advance features are available in many product at similar cost and allows to manage remote devices with simple administrative interface. 3. Data Security : The SOMEONE and group companies are having…

Words 1308 - Pages 6

It Security Essay

Computer security and Network Security is the means by which business and governments are protecting against computer intrusions and attack to prevent loss of data, information and provided services. Everything is now on computers, peoples whole lives are documented on computers. Big business and the government rely on technologies that use computers, whether it is used for storage, a medium between the customers and themselves or actual work. With all this information and data being stored, transferred…

Words 1957 - Pages 8

Essay about Kudler System

review the current security setup for Kudler Fine foods. Throughout the course of the paper, we will look at the current security setup in detail, analyze it, and decide a course of action to correct any possible issues. Scope of Work We will begin by devising a table that will list the top security threats found. These threats will then be summarized. Once the top threats have been identified and summarized, we will then focus on how to solve these issues. These security considerations will…

Words 2153 - Pages 9

Firewalls: Firewall and Network Layer Firewall Essay

the different types of firewalls and various aspects of each type. Firewalls have become a fixture for security systems and the first line of defense against hackers from within and outside the network. There are different types that fit each organization goals better depending on cost, type of information they access, and technical support. The firewall is just one aspect of the overall security strategy for an organization or company. Types of Firewalls A firewall is hardware or software that…

Words 1523 - Pages 7