Threats top 10 threats in 2011

I have been looking into Threats, or to be more accurate Top 10 security threats for 2011.

I just like Top ten lists! By reading this article I notes’ that much of the weakness lies in the newest thing happening in the cyberspace. Like telephone’s and third-party relationships – particularly with the advent of cloud computing.

I posted a random list from tree websites that I have choose and a link to the websites.

 

The ISF’s top 10 threats in 2011:

1. Criminal attacks

2. Weaknesses in infrastructure

3. Tougher statutory environment

4. Pressures on offshoring / outsourcing

5. Eroding network boundaries

6. Mobile malware

7. Vulnerabilities of Web 2.0

8. Incidents of espionage

9. Insecure user-driven development

10. Changing cultures

Link : http://www.itpro.co.uk/613333/top-10-threats-for-it-security-in-2011

 

Top 10 security threats for 2011

1.       Nation-sponsored hacking: When APT meets industrialization

2. The insider threat is much more than you had imagined

3. Man in the Browser attacks will man up

4. Misanthropes and anti-socials: Privacy vs. security in social networks

5. File security takes center stage

6. Data security goes to the cloud

7. Mobile devices compromise data security

8: Hackers feeling the heat

9. Cyber security becomes a business process

10. Convergence of data security and privacy regulation worldwide

Link : http://www.net-security.org/secworld.php?id=10154

 

Top 10 Internet Security Threats for 2011

1.       Malware creation

2. Cyber war.

3. Cyber-protests

4. Social engineering

5. Windows 7 influencing malware development

6. Cell phones.

7. Tablets?

9. HTML5

10. Highly dynamic and encrypted threats.

Link: http://www.itnewsafrica.com/2011/01/top-10-internet-security-threats-for-2011/

By Alexander Ólafsson

Technical Guide to Information Security Testing and Assessment by NIST, Special Publication 800-115

One of the  many NIST guidelines that can help to assess, analyze and develop IT security strategies in organization is to use NIST’s Special Publication 800-115 Technical Guide to Information Security Testing and Assessment Recommendations of the USA National Institute of Standards and Technology.

The purpose of this document is to provide guidelines for organizations on planning and conducting technical information security testing and assessments, analyzing findings, and developing mitigation strategies.

It provides practical recommendations for designing, implementing, and maintaining technical information relating to security testing and assessment processes and procedures, which can be used for several purposes—such as finding vulnerabilities in a system or network and verifying compliance with a policy or other requirements.

More about how and why please read the document.

Reference: http://csrc.nist.gov/publications/

Example of IT Risk Assessment Report

For some time we have been looking on the National Institute of Standards and Technology (NIST) 800-30, “Risk Management Guide for Information Technology Systems” guidelines. So you don’t have to invent new wheel, I have found example of IT Risk Assessment Report from one of  USA states COMMONWEALTH OF VIRGINIA.It can be used as for personal use or in organization.

This document contains instructions to implement the methodology described in the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-30, “Risk Management Guide for Information Technology Systems” and contain a recommended format for COV risk assessments.

http://www.vita.virginia.gov/uploadedFiles/Library/RiskAssessmentInstructions12142006.pdf

Top Windows Security Threats pinpointed by SANS/FBI

This article has been announced years ago though it still has an importance in relation to security threats found on Windows platform. The SANS/FBI have pinpointed these threats included with a report on the top list.

Experienced administrators have opportunity of viewing the list or report in order to check up mistakes and add fixes to the vulnerabilities. The report offers valuable details about the problems and how to deal with them.

Here are some of the most exploited Windows vulnerabilities detailed on the list:

• W1 Internet Information Services (IIS)
• W2 Microsoft Data Access Components (MDAC) – Remote Data Services
• W3 Microsoft SQL Server
• W4 NETBIOS – Unprotected Windows Networking Shares
• W5 Anonymous Login – Null Sessions
• W6 LAN Manager Authentication – Weak LM Hashing
• W7 General Windows Authentication – Accounts with No Passwords or Weak Passwords
• W8 Internet Explorer
• W9 Remote Registry Access
• W10 Windows Scripting Host

There are more detailed descriptions on each of the vulnerabilities added above included with a fix or upgrade solving them problem.

Article available on the following link, look into the vulnerability descriptions.
http://www.techrepublic.com/article/top-windows-security-threats-pinpointed-by-sansfbi/1047908

SANS Security Threats for 2012&2013

It looks like some people were thinking about the upcoming years 2012,2013 and what new security threats will appear (apparently it contradicts with Nostradamus predictions but he is not talking about IT Security so I don’t care). I chose to show at least a few of this security threats, the ones that I find interesting and at some of them I was already thinking.

1.IPv6 – it looks like we are moving to IPv6 and some ISP/Companies will rush to make the change and by this leaving security gaps in firewall configuration and other intrusion detection systems, stuff that happens when you rush things.

2.Smartphones and tablets – Apparently acording to SANS they have a BIG mark on their back and they will be targeted by hackers and other people and so far I have seen how update goes on Android phones and how many phones are updated: few to none at least from what I know of. It’s heaven for upcoming hackers

3.The Almighty Human – No surprise here and quoting the article “Humans are the weakest link, regardless of how technology changes attackers know they can always hack employees”

Anyway for more interesting stuff to read about these predictions on security threats

click>>http://www.sans.edu/research/security-laboratory/article/security-predict2011.

I am not responsible for any damage done to your PC/Table/Smartphone or any other device by clicking the link above.

security controls

What is security control? It’s a technical or administrative safeguard and a counter measures to avoid, counteract or minimize loss or unavailability due to threats acting on their matching vulnerability, i.e., security risk.

The institute United States General Accounting Office or GAO define a Security Control like this „The control environment sets the tone of an organization, influencing the control consciousness of its people. It is the foundation for all other components of internal control, providing discipline and structure. Control environment factors include the integrity, ethical values, and competence of the entity’s people; management’s philosophy and operating style; and the way management assigns authority and organizes and develops its people.”

From this we can say that it’s the administrator’s part to give persons information about the actions that the person takes.

Activity phase controls are classified as follows:
• Preventative controls exist to prevent the threat from coming in contact with the weakness.
• Detective controls exist to identify that the threat has landed in our systems.
• Corrective controls exist to mitigate or lessen the effects of the threat being manifested.

These actions can be minimized by using a security program. Like a Firewalls that are a preventative control. Or using an administrative or personnel corrective controls.

And to Illustration of phase controls there is a table her under.

Preventative	Detective	Corrective	Compensatory
Security Awareness Training	System Monitoring	OS Upgrade	Backup Generator
Firewall	IDS	Backup Data Restoral	Hot Site
Anti-virus	Anti-Virus	Anti-Virus	Server Isolation
Security Guard	Motion Detector	Vulnerability Mitigation
IPS	IPS

By : Alexander I Ólafsson

Link :http://www.sans.edu/research/security-laboratory/article/security-controls

Link: http://www.gao.gov/special.pubs/ai12.19.6.pdf

 

 

Vulnerabilities

What are vulnerabilities? Vulnerabilities are a weakness in a computer construction or software construction which allows an attacker to gain control or access to network or a computer/s.

On the website Network world I come across an article about Top 10 vulnerabilities inside the network, written in November 2010. I am going to make a little litotes based of this article.

1.       USB thumb drives  

·         Using this strategy it’s possible to infect a network from inside a firewall, to prevent this it’s possible to change auto-run on the computer for the device or disable using USB.

2.       Laptop and netbooks:

·         Today laptop and netbooks that companies are using can contain sensitive information.  And if the computer get lost or stolen this data can get to wrong hands. To reduce data lost or get in the wrong hands it is smart to make a regular backup of the files in the computer and Implement an encrypted file system for sensitive data

3.      Wireless access points:

·          Wireless APs are naturally insecure, regardless if encryption is used or not. Strong, mixed passwords should be used and changed on a fairly frequent basis.

4.       Miscellaneous USB devices:

·         Like digital cameras, MP3 players, etc The fact is, if an endpoint can read and execute data from the device, it can pose just as much of a threat as a thumb drive. There for its smart to make a policy that all devises should be scan before it is permit to connect.

5.       Inside connections:

·         The human factor, it’s hard to prevent that persons try to make changes or destroy software inside the company. But we can make it harder for them. Password to computers (servers) should be change regularly and employers should only have access to system that is necessary for them to use.

6.       The Trojan human:

·         Attackers who visit sites disguised as employee personnel or contractors. Reminders should be sent to employees about authorizing third parties.

7.       Optical media: CDs, DVDs, etc.

·         Gain access the classified information he had authorized credentials for and store the data on the “music” CDs in encrypted archives. To prevent this its smart to implement same rules as using USB devise.

8.       Hindsight is 20/20:

·         Who is watching you when you log into your desktop? One of the treats its when one it’s watching you using your password locking into your computer or using your credit card. To prevent: Observe your surroundings.

9.       Smartphones and other digital devices:

·         In phones today it’s possible to take a lock on your email, internet bank and etc. To prevent: Use more secured devise to do so.

10.   E-mail:

·         An E-mail can contain confidential information can easily be forwarded, viruses, Trojan, links that has security premonitory for the users. To prevent: Make an inside policy of what to do if an e-mail containing links or file.

What can we do to minimize the vulnerabilities of our network?

Here are some basic rules that can be used!

• Keep software and security patches up to date
• Configure security settings for operating system, internet browser and security software
• Develop personal security policies for online behavior
• Install a proactive security solution to block threats targeting vulnerabilities

But after all common sense is the best security of all.

 By : Alexander Ólafsson

REF: http://www.networkworld.com/news/tech/2010/110810-network-vulnerabilities.html?page=1