Adjust Your Defenses to the Changing Threat Vector
- Friday, July 30, 2010, 9:30
- Threat Research
While our budget-constrained defenses remain relatively static, the threat vector continues to change. Historically in network security, attackers seem to regularly stay one step ahead of defenders. I have watched the arms race unfold for more than two decades as attackers worked their way up the OSI stack from network layer attacks like the infamous “Ping of Death” and “Land Attack” to the application layer with SQL Injection. With the move to Web 2.0, this again shifted to the browser and the Web 2.0 applications it supported. The most recent change to the threat vector focuses on add-ons to the browser such as Adobe Flash and QuickTime.
If we look back to the beginning of 2009, the biggest concern we faced at that time was the ongoing issue with weaknesses in Web 2.0 applications. Many were blindsided at the end of 2009 by the revelation that it was software add-ons like Adobe and QuickTime that were the threat vector of choice. The trend continued in the first quarter of 2010, as reported by Kaspersky: “The primary exploit for the first quarter of 2010 took advantage of security flaws in Adobe’s PDF readers, as Kaspersky’s data show that 47.5% of all detected exploits fell into this area.”
The shift to software add-ons was again confirmed in …