- Information Security staff
Well, it's not exactly practical, but some organizations, including Microsoft's own subsidiary, Slate, started calling for the replacement of the ubiquitous Windows browser with more secure competitors, such as Mozilla and Opera. Why? Because hackers continue to target the browser's potentially devastating vulnerabilities, such as Download.Ject, with exploits that install keystroke loggers and other malware, run malicious scripts and compromise websites.
Attack of the clones
Worms and viruses came and went with the usual regularity. What made this year different was the proliferation of variants: Sasser had at least 22; Netsky, 87; MyDoom, 99; and Bagle, 139. In most cases, the initial outbreak was the most troublesome and damaging, but malware writers' tweaking of the original code caused more than an annoyance. Some see the variants as a sign of the malware community's R&D producing more dangerous worms, while others cite the availability of malware source code and automated tools, which make variant creation easier.
Rise of the botnets
This isn't MafiaBoy's league of zombies. Hackers are amassing vast armies of zombied machines, some as large as 100,000, that can DDoS targets with seemingly legitimate traffic. Botnet owners are using their creations to attack rivals and extort money from companies; some are leasing their botnets to third parties for spamming. Next target: P2P networks.
Patching on schedule
Microsoft started the trend; now Oracle, Novell, Sun and others are following suit by releasing patches on predetermined schedules. Software vendors say the regular releases allow enterprises to anticipate and plan for patches, making deployments go more smoothly. The flip side, of course, is the recognition that there are always going to be patches, spurring calls for better quality software instead of the vulnerability-ridden code being sold today.
XP SP2 thuds
The wait was finally over in September. Microsoft released the much-anticipated XP SP2, which was intended to plug many Windows security holes and make configuration changes to harden the OS. But, despite the distribution of 106 million copies of the service pack, enterprises weren't in a rush to deploy it. Holding off proved wise, since it didn't take long for hackers to find vulnerabilities. Many security managers liked what Microsoft did with the service pack, but are content waiting for version "2a."
No, not the World Series Champion Boston Red Sox, but rather Sarbanes-Oxley. Enterprises spent much of 2004 racing to comply with the law, which went into widespread effect in November. Its requirements for protecting the integrity of data have proved lucrative for the infosecurity industry. Unfortunately, attaining and measuring compliance with the vague language of the law, and the lack of generally accepted metrics, continue to prove problematic for enterprises.
Get out your phishing rod
Malware, hackers and malcontents continue to keep security managers awake at night, and spammers remain an annoyance, but phishing is an entirely different threat that's rearing its ugly head. Hackers and organized criminals are using spoofed emails and websites to trick users into giving up critical information -- credit card numbers, PINs and other credentials. Worse, phishing does nothing to target an enterprise's infrastructure, but has a devastating effect on its reputation and customer confidence.
That's right, reported vulnerabilities are on the decline. According to CERT, 2004's vulnerabilities are tracking to decline for the second year in a row -- likely totaling around 3,400, down from 3,784 in 2003 and 4,129 in 2002. Don't celebrate yet, though. The interval between a vulnerability's discovery and an exploit appearing in the wild has also shrunk -- from months to weeks to days (10 days in the case of Netsky).
Spies lurking on the desktop
Chances are someone is watching you right now. Invisible, hard to detect and difficult to eradicate, spyware has become a permanent fixture in many IT environments. Hapless users unwittingly invite spyware onto their machines through email downloads, buggy screen savers and apps, and malicious websites. These programs are leaking untold amounts of sensitive data to unauthorized parties, while simultaneously hampering network and PC performance. It's malware with a twist.