All the latest UK technology news, reviews and analysis


European Commission’s forced disclosure policy set to fail businesses

01 Feb 2013
V3 reporter Alastair Stevenson photo

It's no secret, cyber security has become a hot topic both in the private sector and in government. Already this year numerous groups have cited a rapid influx of new sophisticated attacks such Flame and Red October as proof current defence models aren't sufficient.

Sadly though, the reality is most companies haven't even got the basics right when it comes to cyber security. To this day even basic attacks like SQL injections and cross-site scripting are disturbingly effective.

Just this week security firm Firehost reported a 160 percent boom in the number of cross-site scripting attacks that targeted its clients in the last quarter of 2012.

The reason for the increase? Well it's simple really: the basic attack techniques still work. Whether the motivation of cyber criminals is financial profit, intelligence gathering, or to cause embarrassment, groups can still more often than not accomplish their objective using what are now considered fairly rudimentary techniques.

A successful cross-site script attack, for example, can let an attacker do a whole plethora of damage, from defacing a website, to stealing data or altering a hacked website to spread malware.

Meanwhile, exploit kits like Blackhole - a particularly nasty tool available for purchase on a number of underground black cyber markets - will allow even the most non-tech savvy individuals to mount automated cyber attacks.

And while many cyber attacks on businesses are basic, their success rate is not simply down to a lack sophisticated defence efforts by security professionals, but the sheer multitude and intensity of such attacks and their ever-changing nature.

Furthermore, UK businesses hesitate in sharing intelligence on such attacks for fear of giving their rivals a competitive advantage.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?
21%
13%
4%
21%
31%
10%

Popular Threads

Powered by Disqus
Sony Xperia Z2 Tablet powered by Android KitKat 4.4

Sony Xperia Z2 Tablet video

We take a look at the lightweight, waterproof tablet

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv33

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery

rdc2

iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Senior IS Compliance Analyst (Risk Assessments) - Growing area

Senior IS Compliance Analyst / Risk Analyst (Risk Assessments...

Web Designer / UI Front End Developer - Opp in new department!

Web Designer / UI Front End Developer (HTML(5), CSS...

Senior Product Manager x2 (Online & Web Platform) - Global Org

Senior Product Manager x2 (Online, Software & Web...

Senior Web Developer / OO Software Engineer (Learn Ruby!)

Senior Web Developer / Software Engineer (Opportunity...
To send to more than one email address, simply separate each address with a comma.