External Hacks are More Serious than You Think
Posted by hyperguard on February 3, 2010
If you really look at security breaches you will notice that the vast majority are caused from the outside—not the inside. Security experts and industry personnel have led us to believe that disgruntled employees, misplaced documents, flash drives and devices and sheer management policies are more prevalent than hackers. Well guess again. We spoke to art of defence’s Sebastian Haase on this and he shared with us that this is not necessarily the case. Yes—internal breaches do occur and they are serious, but so are external hacks, particularly those to the web application layer. If you look at Jeremiah Grossman’s presentation, Web Vulnerabilities Revealed: What everyone knew, but afraid to believe, you will read startling web vulnerabilities statistics based on the OWASP Top Ten and realize that these weakness are clear openings for hackers.
According to Jeremiah’s presentation, 9 out of 10 websites have serious vulnerabilities and sites with urgent, critical or high severity issues will not pass PCI compliance—a major concern for financial services, retail and e-commerce. Another consideration to think about is the amount of time it takes to fix vulnerability—67 days! This known weakness heightens the situation for companies and increases the chance of a severe breach. It is important to shield applications from web vulnerabilities with a distributed web application firewall (dWAF) and protect against widespread external hacks.
Follow this conversation on twitter @hyperguard