New Study Reveals Top 10 Network Risks
February 22, 2012
Tech Target reports that Trustwave SpiderLabs conducted 2,000 penetration tests and reviewed more than 300 breach investigations and found that older, longstanding problems are often among the main security threats that networks face. These threats, including ineffective password management, poor security controls, and misconfigured legacy devices, continue to plague many organizations.
“The security community continues to focus on new attack vectors, while older threats are often overlooked, ineffectual security controls are implemented, and problems that have existed for years persist,” the company said in its 2012 Global Security Report issued in early February.
The article also drew attention to the fact that remote file sharing software could be a weak point for networks. The study found that 22% of organizations use insecure remote access applications. In addition, software used by IT teams to remotely address problems with laptops and other workstations is often poorly configured, allowing attackers to exploit flaws, steal cached domain credentials, and hop to more sensitive systems.
"When these services are left enabled, an attacker can access them as easily as an approved administrator," Trustwave said. Additionally, it found that remote access weaknesses were used in 61.7% of the tests it conducted.
According to the article, Trustwave’s top-10 network risks include:
- Weak or blank password for administrative account
- Sensitive data transmitted unencrypted
- Microsoft SQL Server with weak or no credentials for administrative account
- Address resolution protocol cache poisoning
- Wireless clients probed for ESSIDs from stored passwords
- Continued use of Wired Equivalent Privacy (WEP) encryption
- Client sends LAN manager response for NTLM authentication
- Misconfigured firewall rules permit access to internal resources
- Storage of sensitive information outside designated secure zone
- Sensitive information transmitted over Bluetooth
“Many issues found in network penetration tests and vulnerability scans are well known, some more than 10 years old and others date back to the very beginning of shared and networked computing,” Trustwave said. “These vulnerabilities are actively exploited by attackers and often represent the path of least resistance.”
In effective information governance programs, such weaknesses are identified and corrected through the application of policies, collaboration with IT to strengthen technology defenses, and robust training to reduce the incidence of vulnerabilities caused by employees.
Organizations should routinely assess the effectiveness of their information governance programs. ARMA International’s GARP® Assessment tool provides a comprehensive and systematic way to measure your organization against the Generally Accepted Recordkeeping Principles®. More information about this assessment product can be found at www.arma.org/garp/assessment.
Diane Carlisle, CRM