Five computer security facts that surprised most people, computer security facts

Source: Internet
Author: User

Five computer security facts that surprised most people, computer security facts

The five computer security facts that surprised most people are the root cause of many computer security risks and vulnerability exploitation. If you can understand them well now, you will be one step ahead of your peers in the future.

Fact 1. Every company is hacked.

Whenever the latest large data leaks are exposed, people may feel that the companies involved are definitely not doing well in computer security. In the next major hacking event, when millions of customer records are stolen or tens of millions of dollars are lost, you should think, "every company is hacked. ."

Every company is completely controlled or easily controlled by a malicious hacker. This is the case. Of course, there is no Internet at all, except for the secret military facilities that require hard drives to be put into a safe deposit box every day. Here we only talk about ordinary enterprises or small companies.

When evaluating the company's network security status, in most cases, more than one hacker is invisible somewhere on the company's network. Especially in the past 10 years, several groups of hackers have even been hiding for several years. A typical case is that a company has eight hacking groups targeting it at the same time, and several of them have been traveling on its network for 10 years.

This case is interesting, because one of the reasons the company is seeking for security assessment is that there is a software patch they don't want to play with, and whatever they choose, they will be labeled. The hacker organization cannot wait for the victim company to build its own security environment, because more and more hacker groups are pouring in. When hackers are more concerned about security than yourself, the problem will be big.

After obtaining legal authorization, the ordinary Penetration Tester can break through the protection within one hour and enter the network of the evaluated company. Companies that have already performed penetration tests and strengthened their protection according to security recommendations may have a longer penetration time. The Penetration Tester can intrude into the company more quickly, not to mention supporting hackers in countries with countless zero-day vulnerabilities.

Computers around the world have poor security protection. It does not require zero-day exploits. You can touch the West and find a weak point that is easy to intrude. Most companies are far from enough to protect computer security. Many of them are nice to say, But once implemented, such as patches, application control programs, and network disconnection, they are unwilling to do so, at least for the time being.

Fact 2. Most companies do not know how they are most vulnerable to intrusion.

5%-20% of IT security staff can guess the easiest way their company can intrude, but cannot find any data to support their arguments. This means that at least 80% of IT security staff think IT is another factor. Other IT employees and other departments in the company have no clue. If the vast majority of people in a company do not know what the biggest threat is, what should we talk about effective protection?

Data indicating the greatest threat does not exist. You may feel that the answer to the question "What is the greatest threat" is the question of spending millions of dollars to inject numerous events into the event log management system. But not. This question is never so easy to answer, especially when you have not asked questions.

Fact 3. Real Threats and perceived threats are daily differences

There is a Mariana trench between your greatest potential threat and your greatest actual vulnerability exploitation. Security defenders who know the difference in the period, their value is comparable to the treasure.

Each year,-new vulnerabilities are exploited, which has been maintained for more than 10 years. Among them, 1/4 to 1/3 are marked as high-risk. This means that when you run a vulnerability scan software or view the patch management report, you will always find that there are tons of "high-priority" vulnerabilities waiting for repair. If you are not a fat man, you can focus on fixing each time. So what should you do if there are 20 first-priority vulnerabilities in your report that need to be repaired?

Starting from the most serious damage to your current environment, and then the most likely culprit. The biggest enemy is not necessarily the highest ranking vulnerability. It doesn't matter. The key sorting is based on the possibility of injury. The real harm, the most likely harm in the future, is better than speculation. Understanding this should change a lot of operations as a computer security defender.

Fact 4. Firewall and anti-virus software are not that important

Many of today's threats are threats at the customer end and are caused by end users. That is to say, these threats have already passed through all firewalls (such as network and host firewalls) and arrived at users' desktops. Once threats penetrate into this step, the firewall will not provide much value.

The main value of traditional firewalls is to prevent unauthorized connections to existing vulnerable services. If your services are robust, the firewall may not provide much value. This does not mean that they have no value. The firewall can, and indeed provides value, especially the smart Deep Packet detection firewall. The fact is that most threats are no longer what they stop, so the great value they used has vanished.

Anti-virus software has no value, because it is hard to take 100% of the effectiveness of any new malware. Do not trust the "100%" rating that anyone sees. Such tests are carried out in a controlled environment, and the malware in the testing environment is not updated as frequently as in the real world. In the real world, the first line of malware you encounter is a download tool used to download all new malware that can bypass all the software.

Fact 5. 100% 2 Risks

Over the past decade, the two most likely causes of exploits have been software that has not been patched, and social engineering events that trick someone into installing things that shouldn't have been installed. These two problems pose almost 100% of the risks. It may be far-fetched to say that all other types of vulnerabilities in the world account for 1% of the risks. But it can be said that if you fail to solve the two biggest problems, other problems will not matter.

A software program without Patches often carries over 90% Web vulnerabilities. Social engineering accounts for the remaining majority. Make sure that your focus is on the correct issue.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.