The web security issues we should be wary of in 2015
Just as the turn of the century brought about fears of the ‘Millennium Bug’, so too does the turn of a New Year present new security concerns for web users.
The recent revelations from Google have not helped matters when it comes to Android users. It was announced in January that Google had “no intention” of fixing a web security flaw for smartphones and tablets running older versions, specifically version 4.3 or below.
Representatives at Google claim there is no reason to fix the bug as it is no longer feasible to safely patch older Android versions. Solving the problem would cause more problems than it would resolve, it seems, as the fix would require several lines of code that could have consequences of their own.
But while this security flaw is one thing to consider for Android users, there are other threats that we should be aware of in 2015.
DDoS, or Distributed Denial of Service, attacks are defined as a “malicious attempt to make a server or a network resource unavailable to users.” This has become a topical issue in 2015, particularly with the recent PS4 and Xbox One lockdown over the Christmas period.
Perhaps more worrying, however, are the financial implications of the aforementioned attacks. It is estimated that the average cost of a DDoS attack to a business is $40,000 per hour, while some 45 per cent of business owners have been hit by one in the past. Of course, the potential for loss depends on the nature of the industry itself – online casino sites are particularly vulnerable. The security team at RubyFortune.com have reported potential losses of $10 million per year, thanks to each attack lasting between six and 24 hours.
Known colloquially as ‘zombies’, botnets are the weapon of choice for the aforementioned DDoS attacks. A botnet is a network of bots which can be commanded as a group to launch the attacks. The attacks come in two types: high-volume network attacks, which can exceed 200 Gbps, and application attacks, which need only 50-100 requests per second to overload a medium-sized application server.
Victims of botnets are usually those who have logic or security vulnerabilities, and as such hosts are encouraged to keep their security software up to date.
Towards the end of 2014, a number of security flaws were uncovered, the majority of which were specific to a particular operating system, software application or browser. Some vulnerabilities, however, such as Heartbleed and POODLE, had the propensity to affect large systems and businesses worldwide, giving rise to a number of patches, such as the Shellshock patch, to keep threats at bay.
It’s not all bad news, however. With the burgeoning security threats, we also have more and more savvy tech teams to counteract the issues. Google may not be acknowledging a minor flaw, but on a global scale, we still have some of the world’s most senior developers working to make sure these threats stay a threat and nothing else.
When we think of security, we usually don’t think of monitoring, as if the daily management of systems and their security were in different “boxes”. Regular monitoring over a long period can help to detect anomalies in the usual behaviour patterns. Keeping systems updated, monitored and under constant supervision can help to detect that something is not working as it should before things break.
With Pandora FMS you can easily monitor the network traffic on each server or network host, and use this data to tell whether something is going wrong. Other useful clues can be the number of established connections, abnormal CPU consumption, or the presence of strange processes or listening ports that shouldn’t be there.
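The connection and listening-port clues described above, as an added example that is not part of the original post and is not Pandora FMS code: it parses a snapshot in the layout printed by `ss -tan` and compares it with a baseline. The sample output, the allowed ports and the thresholds are constructed assumptions.

```python
from collections import Counter

# Constructed sample in the layout printed by `ss -tan` (not real host data).
SAMPLE_SS = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*
LISTEN  0       511     0.0.0.0:443          0.0.0.0:*
LISTEN  0       5       0.0.0.0:31337        0.0.0.0:*
LISTEN  0       511     [::]:443             [::]:*
ESTAB   0       0       192.0.2.10:443       198.51.100.7:51234
ESTAB   0       0       192.0.2.10:443       198.51.100.7:51235
ESTAB   0       0       192.0.2.10:443       198.51.100.7:51236
ESTAB   0       0       192.0.2.10:443       203.0.113.9:40112
TIME-WAIT 0     0       192.0.2.10:443       203.0.113.9:40100
"""

def parse_sockets(ss_output):
    """Return (listening_ports, established_per_peer) from `ss -tan` text."""
    listening, peers = set(), Counter()
    for line in ss_output.splitlines()[1:]:      # skip the header row
        fields = line.split()
        if len(fields) < 5:
            continue                             # blank or truncated line
        state, local, peer = fields[0], fields[3], fields[4]
        if state == "LISTEN":
            listening.add(int(local.rsplit(":", 1)[1]))
        elif state == "ESTAB":
            peers[peer.rsplit(":", 1)[0]] += 1   # count per remote address
    return listening, peers

def find_anomalies(ss_output, allowed_ports, max_established, max_per_peer):
    """Compare one snapshot against a baseline; return a list of alert strings."""
    listening, peers = parse_sockets(ss_output)
    alerts = [f"unexpected listening port {p}"
              for p in sorted(listening - set(allowed_ports))]
    total = sum(peers.values())
    if total > max_established:
        alerts.append(f"{total} established connections (limit {max_established})")
    alerts += [f"{n} connections from {ip} (limit {max_per_peer})"
               for ip, n in sorted(peers.items()) if n > max_per_peer]
    return alerts

if __name__ == "__main__":
    # Baseline values are assumptions for this sample, not recommendations.
    for alert in find_anomalies(SAMPLE_SS, {22, 443}, 100, 2):
        print("ALERT:", alert)
```

On a live host the same functions can be fed the text captured from `ss -tan`, with the baseline taken from what the host normally exposes.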
Of course, having an antivirus is very important, but who can spend their time checking between 200 and 500 antivirus installations on different computers? This is another task that can be delegated to monitoring.