Re: Cyberattacks Down?

[Jordan Wiens <numatrix () UFL EDU>]

I'd second pretty much every point you made.

I'm fairly sure their skew comes from the fact that they're looking at
~corporate~ cyberattacks, not ones on individuals.  Attackers have merely
shifted their focus towards end-user machines, and so it's entirely
reasonable that corporate environments with increasingly effective
enterprise security policies, procedures, and products would notice a
decrease in attacks.

End users on the other hand are getting completely over-run with problems,
and I hope folks these days realize that spyware and adware is in many
ways just as bad or worse than the average script-kiddie 0wning a box.

Universities are in the interesting midpoint of being both enterprise
environments as well as hosts of a large number of end-user managed
machines as well, so I think we have a fairly unique perspective.

--
Jordan Wiens, CISSP
UF Network Security Engineer
(352)392-2061

On Tue, 7 Dec 2004, Jere Retzer wrote:

> A recent Network World story,
> http://www.nwfusion.com/supp/2004/cybercrime/112904cybersecurity.html
> reported that Cybercrime is down substantially. This surprised me. I
> agree that security managers, if those on this list are representative
> and our tools are better. However, I'm under the impression that the
> threats, particularly mutating, spyware and phishing are rapidly getting
> worse and there remain a large number of infected and unprotected
> machines on the net that are breeding grounds and launch pads for
> attacks.  I was of the opinion until I read this that the threats had
> become so bad in health care we need to think about creating secure
> overlay networks. What do you think? Thanks.
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
> http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.