Hackers Eye Security Software as New Target for Malware
Internet attackers have begun to eye security software more frequently as a target, according to a recent Yankee Group report. Rather than going after operating systems like Windows, malicious hackers have become more interested in the vulnerabilities that might exist in commonly used security software from vendors like Symantec, Check Point and F-Secure. From January 2004 to May 2005, 77 vulnerabilities affecting security products were posted to ICAT, a public vulnerability database run by International Catastrophe Insurance Managers, LLC. Yankee Group analyst Andrew Jaquith analyzed ICAT's data after noticing a surge in security issues at security vendors. Security Office There are several key factors that might explain why security vendors in particular are being targeted, according to the Yankee Group. Most notably, many companies have deployed some type of security product, usually antivirus or intrusion prevention, making security software into low-hanging fruit for hackers. "Attackers will go after what seems to be the most widely used system or programs," said Secunia researcher Thomas Kristensen. "We haven't seen that many antivirus applications targeted, but that doesn't mean that we won't in the future," Kristensen said. "It could be an area for concern, considering how many people and companies use security software." Too Quiet Especially compelling for hackers is the fact that "third-party and press scrutiny has not yet forced security companies to acknowledge and fix potential problems with their code," the Yankee Group noted in its report. In contrast, operating system vendors like Microsoft garner widespread attention and criticism when vulnerabilities are uncovered. The lack of widespread attention to security products themselves has made it easier for attackers, according to the Yankee Group, and has given them a better chance of success. Testing, Testing Another reason that security vendors might face additional security issues in the future is the economic self-interest of independent security specialists, posited the research firm. Some security-assessment specialists focus on finding vulnerabilities in other vendors' security products, the Yankee Group pointed out. These vendors then turn around and sell their own security-analysis products, which include detection signatures for other vendors' vulnerabilities. In this way, security vulnerabilities and even malicious test code can get into the wrong hands. Code also can get into the wrong hands when security researchers supply proof-of-concept code to other researchers, vendors and security administrators. "These demonstration programs are like unprocessed uranium," the report noted. "[M]alicious parties can transform them easily into munitions."
Reproduced from an article published by Yahoo! News
© Yahoo! News
The original article can be viewed here:
http://news.yahoo.com/news?tmpl=story&u=/nf/20050621/tc_nf/36649
Permalink Bookmark Digg this story
