Gartner Says Most Attacks Will Exploit Known Flaws

Speaking today at the Gartner Symposium/ITxpo in San Diego, Gartner analysts predicted that by 2005, as much as 90 percent of attacks will exploit known security vulnerabilities for which patches and workarounds are available, but not applied. Gartner said that enterprises don't do enough to prepare for network intrusion.

"Nearly every major attack to hit the headlines involved the exploitation of known security flaws for which a patch or defense was widely known," said Richard Mogull, research director for GartnerG2. "Estimated losses from Code Red and Nimda were in the billions of dollars, yet Code Red exploited a flaw for which a patch was available, proving that we never learn from our mistakes. Nimda exploited the same flaw just a few months later. Both continue to survive on the Internet today."

Gartner also said that by 2005, 20 percent of businesses will experience intrusion and that the costs of such intrusion will exceed the cost of prevention by at least 50 percent. Four of the top risks Gartner cites are the security of business suppliers and partners, security not integrated into products, poor business governance, and a lack of risk management.

"Increase the enterprise's overall security posture. Develop an internal response plan and aggressively monitor Internet activity on all systems, especially firewall and intrusion-detection logs," Mogull said. "Evaluate established security plans in light of recent events, and update as needed. If no cyber-incident response team exists, then consider forming one or contracting with an external provider to evaluate systems."