Home / Most hackers exploit known loopholes

Most hackers exploit known loopholes

90% of cyberattacks through 2005 will exploit known security flaws that can be fixed, according to Gartner Group. The analyst house says most recent attacks could have been avoided if companies had been alert to security.

Ninety percent of cyberattacks through 2005 will exploit known security flaws that can be fixed, according to Gartner Group. The analyst house adds that the vast majority of recent victims of cyberattacks could have avoided the problem had they been more alert to security.

“Nearly every major attack to hit the headlines [recently] involved the exploitation of known security flaws for which a patch or defence was widely known. Estimated losses from Code Red and Nimda were in the billions of dollars, yet Code Red exploited a flaw for which a patch was available. Proving that we never learn from our mistakes, Nimda exploited the same flaw just a few months later. Both continue to survive on the Internet today,” notes Richard Mogull, research director for GartnerG2.

The analyst adds that 20% of enterprises will experience a serious Internet security incident through 2005. For those that are hit, the cleanup costs will be 50% higher than the prevention cost would have been.

To avoid these problems, the report advocates a proactive security policy, with incident response procedures and monitoring of the right sources to detect an attack.

“A proactive security posture doesn’t mean you attack hackers before they attack you — it means you have a well-developed response plan and keep looking for the early indications of an attack,” Mogull explains.

Follow us to get the most comprehensive technology news in UAE delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.