WatchGuard Technologies, a provider of secure appliances and unified threat management (UTM) solutions, warns that the changing nature and scale of security threats will pose more strenuous challenges for security administrators as they embrace the Web 2.0 world.
Research over the last three years by WatchGuard's Rapid Response team has tracked attack patterns and identified five key threats: DNS system attacks, virus and malware, buggy Web applications, hacking for profit and end users themselves.
According to WatchGuard's survey, many of today's attacks are targeted and done for profit, such as the sale of personal information or blackmail. The focus of Web-based attacks has also shifted to applications running on the Web server and the data systems that back them up by exploiting flaws in Web site design.
While web servers in general are quite stable and secure, the Web sites that run on them are another matter. If not designed properly and securely, a Web site can be used as a platform to attack the data behind it, leading to information disclosure and online fraud.
On the desktop, relatively harmless virus infections have now morphed into a devil's brew of sophisticated viruses, spyware, root kits and botnets. At the same time, attacks such as phishing and drive-by downloads target the most vulnerable portion of the network infrastructure -- its users -- with surprising levels of success.