Although known exploits target known vulnerabilities, there are also threats that act against software in perfect working order. In these cases, it is not a mistake or a bug that will victimize you. Instead, a targeted attack is launched using an exploit that only requires a way into your systems. Hackers are using well-known exploits that target specific businesses.
During the summer of 2003, a targeted threat aimed at financial institutions materialized. BugBear.B, discovered on June 5, 2003, was the first instance in which a known virus proved increasingly harmful depending upon the specificity of the target. If you had updated your patches, BugBear.B would be detected by antivirus scanning and removed from your system. If it attacked you and you were not prepared, however, you simply lost all your data. If it attacked you and you happened to be connected to one of about 1,200 financial institutions that were hard-coded into the virus, it would deploy in your system and wait for your employees' keystrokes to reveal usernames and passwords. After the sensitive information was collected, it would forward it to 1 of 10 e-mail addresses written within the virus.
Share and Share Alike
Wherever you do business, ISACs can be your friend. Join as many as apply to you.
This trend is worsening at this writing and will continue to do so on an array of fronts. A targeted threat could be industry specific. It could arrive via a dissatisfied customer or a disgruntled ex-employee. You need to be on top of targeted threats. Threats that are either well known or that piggyback on well-known attacks are easy to stop with the proper foresight and planning.