Browser-based Attacks Pose Emerging Threat

Enterprise Networks & Servers, May 2004

Browser-based attacks are surging and may pose the next significant security threat to information technology (IT) operations. That is one of the key findings of the second annual survey on IT security and the workforce from CompTIA, the Computing Technology Industry Association.

The survey of nearly 900 organizations found that 36.8 percent were plagued by one or more browser-based attacks in the last six months. That's up from 25 percent in last year's survey.

Browser-based attacks use browser systems and user system permissions to disrupt computer functions. These attacks are unleashed when someone visits a Web page that appears harmless, but actually contains hidden malicious code intended to sabotage a computer or compromise privacy. The result of the attack may be as simple as a crashed browser, or as serious as the theft of personal information or the loss of confidential proprietary data.

"The explosion of dynamic, created-on-the-fly Web pages, which often incorporate individual personal preferences, is exposing organizations' IT systems to new security threats," said John Venator, president and chief executive officer, CompTIA. "It is clear that education on IT security can no longer be limited to a handful of IT personnel. Keeping the IT infrastructure safe is the responsibility of everyone in the organization."

Computer viruses and worm attacks, though still the biggest threat to IT security, are significantly less common than they were a year ago, according to the CompTIA survey.

Last year 80 percent of organizations identified worm and virus attacks as their most common IT security threat. This year, the comparable figure is 68.6 percent.

Network intrusion issues, named last year as the second-most common security threat (65.1 percent), showed a significant drop this year, falling to 39.9 percent. Organizations also reported significant declines in problems caused by remote access, such as virtual private networks and dial-up (41.7 percent, down from 49.9 percent); and social engineering (17.9 percent, down from 21.9 percent).

Antivirus applications are still the most commonly used technology or practice to enforce security requirements. The CompTIA survey found that 95.5 percent of organizations use some form of antivirus technologies.

Firewalls and proxy servers are the second most commonly used technology, identified by 90.8 percent of respondents. That's down from last year, when 93.7 percent of organizations reported using these technologies.

Security audits and penetration testing account for an increasing portion of the measures now in place to monitor general security performance. They were identified by 61 percent of respondents, up from 53 percent.

Other commonly used measures include systems baselines (51.4 percent, up from 46.5 percent) and change control tracking (44.3 percent, up from 39.1 percent)

Fifteen percent of organizations reported they have no measures in place to monitor general security performance.

The survey was conducted for CompTIA by TNS Prognostics of PaIo Alto, Calif., a leader in customer research based consulting for the IT industry.

CompTIA is a global trade association representing the business interests of the information technology industry. For more than 22 years CompTIA has provided research, networking and partnering opportunities to its more than 19,000 members in 89 countries. More information is at www.comptia.org.