Network Security

To provide IT managers with insight into potential data risks in the enterprise, HP has published a research report that highlights enterprise-computing trends and network security vulnerabilities for the first half of 2010.

The increasing use of Web-based business applications and social networking sites on corporate networks opens up the enterprise network to serious security threats, HP finds.

The report finds that more than 80 percent of network attacks targeted Web-based systems. There are two key elements for this number: Websites and Web clients.

According to the report, Websites are constantly at risk of being taken offline or defaced from SQL injection, PHP File Include or other attacks. These types of attacks have doubled in the last six months.

Attacks against Web browsers and Web client applications such as QuickTime and Flash have tripled in the first half of the year and are often the main entry point for attackers to gain access to a network, researchers at HP said.

The report, prepared by HP TippingPoint's Digital Vaccine Labs or “DVLabs,” gives enterprise organizations visibility into the attacks targeting their applications and underlying networks, company officials said.

This information allows administrators to make the system changes needed to reduce the possibility of network breaches that could lead to financial loss or decreased productivity.

The Cyber Security Risks Report uses real security event data to highlight how these activities put a network at risk so that businesses are better armed to address these concerns.

“To mitigate network security risk, organizations need insight into the potential threats associated with using social media networking sites and Web application downloads in a business environment,” Mike Dausin, manager of advanced security intelligence, HP TippingPoint DVLabs, said.

“By understanding the increased risk these applications pose to the corporate network, organizations can implement remediation strategies to ensure that business processes, as well as data, remain secure,” Dausin added.

Understanding the attack frequency and the risks of Web-based computing allows organizations to adjust security settings in their systems to protect the most critical assets on a network, HP officials said.

The data from the report demonstrates how the structure of the application and its wide use in the enterprise makes it a very attractive target for attackers. This knowledge will help organizations tighten security controls around PDF use, helping prevent network compromise, they added.

The report gives insight into several covert and sophisticated techniques attackers use to hide their exploits.

By understanding these techniques, users can shut down attacks faster, as they crop up. Administrators can also fine-tune their security practices for better protection.

HP finds that older security threats, such as SQL Slammer, Code Red and Conficker, still represent a significant source of attacks. HP helps organizations prevent these threats from recurring by providing information about their pervasiveness.

For example, Slammer, which originated in 2004, triggers HP TippingPoint IPS filters 10 times more than any other filter. The report provides IT managers with the knowledge of the attack frequency and the likely causes, for example, pirated software, enabling them to make adjustments to network access or to monitor application purchasing.

For this report, HP analyzed event data from hundreds of deployed HP TippingPoint Intrusion (News - Alert) Prevention Systems to identify the attacks. Event data refers to attack information that is collected when a security exploit triggers a particular filter in the HP TippingPoint IPS.

The research was also supported by SANS, an organization dedicated to security training and certification; Open Source (News - Alert) Vulnerability Database, an independent and open source database created by and for the community; and Qualys, a provider of on-demand IT security risk and compliance management solutions.

Following the acquisition of 3Com (News - Alert) in April, HP expanded its networking and security business, TMCnet reported. The TippingPoint portfolio is one of the capabilities that HP added through 3Com acquisition.