Browser-based attacks are surging and may pose the next significant security threat to information technology (IT)...
April 12, 2004
Browser-based attacks are surging and may pose the next significant security threat to information technology (IT) operations, findings of the second annual survey on IT security and the workforce from the Computing Technology Industry Association (CompTIA) reveal.
The survey of nearly 900 organizations released today found that 36.8% were plagued by one or more browser-based attacks in the last six months. That’s up from 25% in last year’s survey.
Browser-based attacks use browser systems and user system permissions to disrupt computer functions. These attacks are unleashed when someone visits a web page that appears harmless, but actually contains hidden malicious code intended to sabotage a computer or compromise privacy.
The result of the attack may be as simple as a crashed browser; or as serious as the theft of personal information or the loss of confidential proprietary data.
“The explosion of dynamic, created-on-the-fly web pages, which often incorporate individual personal preferences, is exposing organizations’ IT systems to new security threats,” said John Venator, president and CEO of the association.
“It is clear that education on IT security can no longer be limited to a handful of IT personnel. Keeping the IT infrastructure safe is the responsibility of everyone in the organization.”
Computer viruses and worm attacks, though still the biggest threat to IT security, are significantly less common than they were a year ago, according to the survey.
Last year, 80% of organizations identified worm and virus attacks as their most common IT security threat. This year, the comparable figure is 68.6%.
Network intrusion issues, named last year as the second-most common security threat (65.1%), showed a significant drop this year, falling to 39.9%. Organizations also reported significant declines in problems caused by remote access, such as virtual private networks and dial-up.