TRENDING:

Hackers Pose New Threat to Desktop Software

National Security InstituteDecember 14, 2005     Hackers have changed their tactics and are exploiting flaws in popular software applications – including security programs — to break into the computers of consumers, government agencies, and businesses.

What’s new about this, you might ask?  The key word is “applications.”  Until recently, hackers focused almost exclusively on computers’ operating systems – that is, their basic nervous-system software, with Windows being the obvious example.

See Also: Stepping up Fight Against Omnichannel Financial Fraud

But over the past five years, operating-system companies, especially Microsoft, have grown much more adept at quickly issuing “patches” once a security breach in their products was discovered.  Moreover, the ubiquity of Internet access means these patches can be distributed automatically, often without the user even knowing his or her software has been strengthened.  Result: More secure operating system software.

Opportunity Knocks

If history teaches us anything, it is that hackers are opportunistic.  And guess what?  While the Microsofts of the world have been making operating systems harder to hack, vendors of application software – everything from databases to security products – have failed to keep pace with automatic patching.

Cyber-attackers have watched this trend and are exploiting it, experts say: today, your anti-virus or firewall software is as likely to be hacked as your Windows.

Indeed, vulnerabilities in software from many of the most trusted names in security have been found – companies including Symantec, Trend Micro, and McAfee.

Analysts say these vendors and others must now rapidly improve their speed and distribution when it comes to patching their own software.  For computer users, this is just another possible avenue of attack.  However, the new-found vulnerabilities don’t change the best practices for protecting your PC: purchase security software from a reputable vendor, update it frequently – and pay attention to warnings that the software needs to be patched.

© National Security Institute, Inc. – Content excerpted from NSI’s SECURITYsense—a monthly information security awareness service for educating your end users. This copyrighted article is the property of the National Security Institute and may not be reproduced or redistributed in any form without license agreement.  For more information on the SECURITYsense program and to view FREE samples, visit http://nsi.org/SECURITYsense2.html .

Previous
Many Internet Users Lagging on Tech Lingo
Next
FDIC Information Security: Improvements Made but Weaknesses Remain

About the Author



Around the Network

Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.