- The Washington Times - Sunday, May 1, 2005

The nation’s largest information security institute released its quarterly review of Internet threats today, highlighting the Web’s growing vulnerability to a new form of online fraud called “pharming.”

The review also reveals that, for the first time, some security and anti-virus software is vulnerable to hackers, creating a dangerous high-level back door into users’ systems.

Analysts say pharming — the redirecting of Internet users to Web pages without their knowledge — could be used to obtain banking or other financial-services information.

“The reason this is so bad is that users arrive at the site by typing in the correct address to the browser. … They are likely to be very confident that they are in the right place,” said Alan Paller of the SANS Institute.

The majority of the thousands of viruses, worms and other Internet threats identified by the institute’s researchers take advantage of one or more of these weaknesses, said Mr. Paller, the institute’s director of research.

“It’s a way of flagging up the vulnerabilities that need to be patched” both by individual users and company network security executives, said Mr. Paller, adding that the institute did not list vulnerabilities unless a patch was available.

Mr. Paller added that to make the list, the vulnerability had to be real, not just potential, and had to affect a large number of users.

The data for the first three months of 2005 — drawn from thousands of security reports compiled by the institute — reveal several trends, Mr. Paller said.

“Two years ago, this list was dominated completely by weaknesses in operating systems,” said Mr. Paller, referring to the underlying programs that run personal computers and servers. “Now, we’re seeing more and more vulnerabilities in applications being exploited.”

Applications are the programs that enable users to perform specific tasks, such as word processing, and the vulnerabilities in their code are more dangerous, Mr. Paller said, because — unlike operating system software — they cannot be set to update themselves automatically with new security patches.

“Users think they’re protected because they’ve set their operating systems to automatically update,” he said. “But vulnerabilities in applications can just as easily be exploited.”

Another new development, Mr. Paller added, was that, for the first time, the list includes vulnerabilities being exploited in some security and anti-virus software.

“The problem here,” Mr. Paller said, “is that such programs operate with very high-level privileges” within computing systems.
