Fortinet advises Malaysian companies to apply security best practices as malware attacks spike in older operating systems
MALAYSIA, September 25, 2012 – Fortinet, a world leader in high-performance network security, has urged companies in Malaysia to start applying security best practices to guard against zero-day attacks and other security threats especially on older operating systems. Among such legacy systems include Windows XP which is facing discontinuing support. The sudden absence of support for XP leaves a void that will likely be filled by a slew of old and soon-to-be-discovered vulnerabilities and subsequently give rise to a new crop of security exploits that specifically target these legacy systems, which are now devoid of security updates or support.
The direct correlation between an operating system’s age and the number of exploit attempts is attributed to complicated patch management issues, coupled with lack of vendor support and security mechanisms.
According to a recent FortiGuard Labs report, there were 47 million instances of attacks from January 2012 to August 2012 based on exploits first discovered in 2004 alone.
The abrupt rise in exploit attempts represents a stark contrast to detected exploit attempts in more recent versions of Windows, all of which remain under a million from exploits discovered in 2010 and onwards.
“If you look at the number of exploits discovered in 2011, the number of attack attempts was down to around 425,000, versus the 2.9 million we saw for exploits found in 2009,” said Derek Manky, Senior Security Strategist for Fortinet. “The sad truth is that hackers are still successful going after older vulnerabilities, which really are low-hanging fruit since they have been known and unprotected against for ages."
“In comparison, the number of exploit attempts against new vulnerabilities discovered in 2012 remains well under five thousand, however that number will likely increase significantly in just a few years. It will be interesting to see at the end of the year---there may be 5,000 or 6,000 different exploit attempts based on vulnerabilities found in 2012,” Manky continued. “And three years from now, that volume is likely going to be a lot higher as tools are developed to exploit these newly-found exploits,” he added.
Simply put—the older the vulnerability, the more time there is for hackers to obtain the necessary code in order to create and execute successful attacks against users. Compounding the rise of legacy exploits is the issue of piracy. Security experts also attribute the proliferation of attacks to the pervasiveness of pirated software, which prevents users from installing the update that repairs the flaw.
Going forward, there is not much that users of legacy systems can do to protect themselves except to apply all the same security best practices, such as keeping their systems updated with the latest patches whenever possible and having a security solution in place to protect against known legacy attacks, as well as any newly discovered attacks.
.jpg)
No comments:
Post a Comment