How Resilient is the Internet? - Hackable Majority
(Page 3 of 4 )
Danny McPherson, chief research associate for Arbor Networks, an attack detection company, noted that "These attacks weren't that substantial." He said that "This was a 2G to 3Gbps attack," not as bad as the 22G to 25Gbps attacks his company saw in 2006. "They were pretty ugly, and the scale of those attacks was pretty large." Still, even the smaller attack that happened February 12 "could take most enterprises offline pretty easily."
There are other forms of attacks that businesses also need to be concerned about. Acunetix, a web site security company, has scanned 3,200 sites over the last year. It discovered that about 70 percent of these web sites include medium- or high-risk vulnerabilities that open them up to being hacked. Once inside, hackers could use the vulnerabilities to steal sensitive information.
So what kinds of vulnerabilities did the survey turn up? They included everything from major problems such as SQL injection and cross site scripting to relatively minor ones, like local path disclosure or directory listing. The average web site scanned by Acunetix included 66 vulnerabilities, which means that the company spotted more than 200,000 items that were security risks on 3,200 sites.
Not everyone believes this dire figure. Paul McNamera of NetworkWorld forwarded Acunetix's release to Joel Snyder, a senior partner at Opus One, an information technology firm. Snyder was willing to bet $1,000 that, out of ten randomly chosen sites on Acunetix's list of 3,200 scanned, it couldn't break into as many as three of them and steal sensitive information. Acunetix raised the stakes in the challenge by offering to scan Network World's site and trying to break in; as of this writing, that is where the matter stands.
But whether or not it's true, it does raise the point that many web sites are vulnerable in ways the Internet as a whole is not. Indeed, the very fact that there are botnets to make denial of service attacks proves it - because there would not be zombie computers if hackers did not break in or users were more diligent about keeping their computers clear of malware. It's not easy, but - as Acunetix was trying to illustrate - this kind of computer hygiene is important, and is still not being treated with the seriousness it deserves.
More Web Hosting News Articles
More By Terri Wells