While many companies have allowed employees to access popular social media sites through their corporate networks as a way to strengthen key business relationships, this increased connectivity also presents a new set of challenges to the confidentiality and integrity of sensitive data.
New research from HP TippingPoint DVLabs published today shows that this convergence of personal and business technologies is opening government and corporate networks up to an unprecedented set of attacks:
- Over 80% of network attacks target Web-based systems (either server or client-side)
- Attacks targeted at web applications like browsers and Flash tripled over the past 6 months
The conclusions in the report are based on live field data from HP intrusion prevention systems, which are deployed in the networks of many of the world’s top corporations and government agencies.
In the research itself, the authors go out of their way to note that HP TippingPoint “is not an advocate for making technology more difficult” and make straightforward arguments in favor of mitigation strategies that address each of four key trends:
1. Increased consumerization of enterprise computing (see leading security expert Bruce Schneier’s September 2010 blog post “Consumerization and Corporate IT Security” for even more on this subject)
2. Prolonged and persistent targeting of web applications
3. Increased organization and sophistication of attackers
4. Unrelenting presence of legacy threats
“The only way to deliver protection against these threats is through constant and continuous research,” says Mike Dausin, manager of Advanced Security Intelligence for HP TippingPoint DVLabs. “By understanding the increased risk these applications pose to the corporate network, organizations can implement remediation strategies to ensure that business processes and data remain secure.”
The idea is that by raising awareness of risks, research is key to closing potential security holes while still allowing the company to experiment with new technologies and modes of connectivity that help grow modern businesses.
-- About the Study --
What is HP TippingPoint DVLabs?
TippingPoint was formerly part of 3COM, which was acquired by HP earlier this year. HP TippingPoint DVLabs is a premier research organization for vulnerability analysis and discovery, ensuring clients have preemptive protection for vulnerabilities and zero day attacks. The team applies cutting-edge engineering, reverse engineering, and critical analysis to create comprehensive security filters that are automatically delivered to clients’ intrusion prevention systems (IPS) through the Digital Vaccine® service.
Excerpt from the report's introduction, regarding social media:
…there are several thousand organizations that utilize Facebook, Twitter, WordPress, and iTunes for promotion and brand awareness. While these technologies may offer a wealth of marketing recognition, they also open the door to a multitude of security risks. Another trend impacting enterprise IT department is an “anything goes” mentality that allows users to download and manage applications and programs of their choosing. While some of these applications may be fine, and may even boost productivity, an overwhelming majority of them are a significant liability to corporate networks.
How was the data collected?
Event data from hundreds of deployed HP TippingPoint Intrusion Prevention Systems (IPS) was analyzed to identify the attacks. Event data refers to attack information that is collected when a security exploit triggers a particular filter in the HP TippingPoint IPS.
The following sources also contributed to this report:
- SANS, an organization dedicated to security training and certification;
- Open Source Vulnerability Database (OSVDB), an independent and open source database created by and for the community; and
- Qualys, which delivers on demand IT security risk and compliance management solutions, provided data generated from its vulnerability assessment and management products deployed in the field.