Unpatched Machines Seen As Major Security Threat - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

01:11 PM

Unpatched Machines Seen As Major Security Threat

Hackers will keep cranking out exploits that take advantage of known software vulnerabilities because, although patches are available, a minority of machines are fixed, security vendor McAfee said Monday.

Hackers will keep cranking out exploits that take advantage of known software vulnerabilities because, although patches are available, a minority of machines are fixed, security vendor McAfee said Monday.

In releasing its quarterly security analysis, McAfee's "AVERT" virus research team noted that exploited vulnerabilities are becoming a dominant threat to both consumers and enterprises.

"The day of the virus may have come and gone," said Vincent Gullotto, the vice president of AVERT. "One day it may swing back, but now we're looking at different types of programs, not viruses, that threaten computers. And many of them are exploiting machines' vulnerabilities."

According to AVERT's estimates, half or more of the computers connected to the Internet aren't properly patched or updated. Not good, especially when the number of vulnerabilities spotted in the first quarter of 2005 was up 6 percent over the same quarter last year.

Because there are so many unpatched PCs, said Gullotto, the hacker's job is made easier: rather than have to dig up vulnerabilities on his own -- extremely challenging, technically -- he can sit back and wait for patches to be posted, then reverse engineer the patch to find the vulnerability.

While traditional viruses may be on the way out, other threats have stepped in to fill the gap, and more. Phishing for one, said Gullotto, although what we now think of as phishing may be old news -- and not much of a threat -- someday soon.

"Today's phishing is what I consider to be spyware," said Gullotto, because many of the most effective attacks now use password stealers and other such software -- like in-the-background screen capture programs -- to swipe identities or account access.

"But I think we'll see a reduction in the number of traditional phishing sites that entice people to divulge information," he said. "Instead, we'll see programs that are pure spyware that can directly target the clientele they want, to get the data they need."

Rather than scatter-shot a deluge of bogus messages spoofing Citibank, for instance -- which delivers mail to people who aren't Citibank customers -- phishers will focus their efforts by either fine-tuning their spam lists or plant bank- or company-specific spyware on users' PCs, then wait to snatch usernames and passwords.

"They'll want to specifically get on a machine for a specific customer and specific bank," said Gullotto. "They want to leave that spyware on the computer until it gives them the identity information they're after."

Speaking of spam, Gullotto and his AVERT group see spam tailing off, volume-wise, perhaps as soon as the next quarter or two, and spammers coming under attack from an unlikely source: phishers.

"We'll see identity thieves spoof spammers," he said. "Phishers will increase their use of spam-like offers to take advantage of those people who respond to spam. They'll send out e-mail, for instance, supposedly selling Viagra, but they'll be after the credit card and identity, not the sale. Two days later the 'buyer' is still waiting for his Viagra. And 30 days later, when he gets his credit card bill and sees it's been hijacked, it's too late."

If phishing identity thieves really step up this strategy, as Gullotto expects, "spammers themselves could be in the situation that banks are today. No one will believe spammed offers are legit."

Not that too many of us will be feeling sorry for spammers.

"No one will cry over spammers if they get spoofed," said Gullotto. "After all, there's a bit vigilante in all of us."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Where Cloud Spending Might Grow in 2021 and Post-Pandemic
Joao-Pierre S. Ruth, Senior Writer,  11/19/2020
The Ever-Expanding List of C-Level Technology Positions
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/10/2020
Register for InformationWeek Newsletters
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll