Hackers Using New Tools To Exploit Vulnerabilities
Several reports released last week show how hackers are expanding their reach to include new targets -- and using new tricks to do so.
- The FBI and CSI released their annual Computer Crime and Security Survey, in which respondents said two-thirds of their hacker-related losses are coming from outside the organization due to an increase in attacks involving financial fraud or unauthorized access to information.
- Data security vendor Utimaco Safeware also released an international data security survey of more than 400 IT security experts, who say securing mobile devices has become the "most important challenge in data security."
- And Secure Computing, which is acquiring CipherTrust, is warning that artificial intelligence (AI) software that some software developers use for testing applications is being co-opted by hackers who use it to find formerly undiscovered vulnerabilities.
- Known as "fuzzing," the process is an automated method used to uncover bugs. Hackers evidently have been sharing fuzzing results in chat rooms and newsgroups, enabling them to more rapidly develop new threats.
- One of the wrinkles in the CSI/FBI survey results is that for the fourth straight year, losses related to computer security incidents decreased. But that may be due as much to improved security tools as to organizations that are unwilling to fully disclose their incidents and total losses for reasons of reputation or a desire not to mark themselves as a vulnerable target. Gartner vice president Rich Mogull has said as much, warning that the survey's findings should be viewed with "extreme skepticism."
- In Utimaco's report, 77 percent of respondents said that "securing mobile end devices and central IT security administration are the major challenges in protecting company data." But while 61 percent called protection against inside threats a future challenge, only 25 percent of them plan to address this by increasing their budgets. As the volume and range of these attacks continue, vendors, VARs and customers must remain flexible.
id
unit-1659132512259
type
Sponsored post