Security vendor Fortinet is urging companies to keep security up to date following a series of attacks on unpatched computers.
The global buffer overflow exploit was discovered in October 2008 and reached a peak in January 2009, according to the company’s latest threat report. The exploit affects computers running Windows Vista, XP, 2000, Server 2003 and Server 2008. It gives the criminal remote access to a computer and can than cause infection in other computers.
Systems engineering manager Nelson Da Silva says it’s a case of companies not updating systems or having no defence. “People have not patched their systems in an effective amount of time. The exploit was originally reported in October 2008 so it showcases there are plenty of organisations and individuals that have not taken the time to patch their systems or do not have systems in place to help defend against these types of attacks.”
He says the process to go through and patch a system within an organisation can be quite cumbersome because there is a component of quality assurance. “If you’re applying a patch you don’t want it to affect the business so it gets tested first.
“It’s quite typical for a lot of exploits to have a peak period of activity. Exploits can last on the internet anywhere from two to five years, based on activity.”
Although IT is an area of spending that tends to be cut back in harder economic times, Da Silva says it is imperative for companies to keep up to date systems running.
“During booming times, enterprises and businesses are more lax in their operational risk. During a downturn it’s the opposite effect and they’re focusing on cutting back in core areas such as IT. They go to the CIO and explain that they don’t want to see them on the front page of the paper explaining that their customers lost information because their systems were exploited.”
Online gaming malware was an area that rose in January. Spy/OnLineGames claimed first place on Fortinet’s Top 100 malware variants list, with W32/Dropper.VEM!tr surging as well.
Da Silva says online gamers are targeted due to economies of scale. “There are millions of users who are on these gaming networks, which are a prepay service so there’s an advantage for criminals to capture credit card information. There isn’t a particular game such as World of Warcraft which is susceptible. They will try to exploit as many users as possible.”
He predicts that spam, botnets and malware will continue to grow throughout the year. “I also believe there is going to a proliferation of exploits on social networking sites.”