SANS stands for SysAdmin, Audit, Network, Security. The Institute, based in Maryland, is a leading source for information security training and certification, and yesterday it released its list of the world’s top 20 most critical security vulnerabilities, warning that there had been a significant shift in cyber attack targets.
For the previous five years, said the Institute, the majority of attacks targeted operating systems like UNIX and Windows and internet services like web servers and mail systems.
In 2005, however, a new wave of attacks concentrated on application programs – most noticeably back-up and recovery tools and the anti-virus and other security tools that most organisations think are keeping them safe from attacks and from loss of data. Now many of those systems have been shown to have critical vulnerabilities.
A second important shift revealed by the SANS Top 20 is a public recognition of the critical vulnerabilities that are found in network devices such as routers and switches, which form the backbone of the internet.
Network devices often have on-board operating systems and can be programmed just like computers. Compromises of network devices can provide attackers one of the most fruitful platforms for eavesdropping and launching targeted attacks.
Such targeted attacks have increased dramatically, as seen in June this year when the UK’s National Infrastructure Security Co-Ordination Centre issued a public advisory describing a series of targeted attacks against the UK central government and commercial organisations “for the purpose of gathering and transmitting otherwise privileged information.”
The UK advisory pointed to email born attacks, but equally devastating attacks are being carried out against US government and military-contractor sites using vulnerabilities like those reported in SANS Top 20, warned the Institute.