TrustWave Inc. analyzed data gathered from over 1900 penetration tests and over 200 data breach investigations and concluded that the top 3 ways to sneak into a network in 2009 were via:
- Remote access applications
- Trusted internal network connections
- SQL injection attacks
In other words, access was gained through methods that have been around for years and most of them can be patched (what do you say to that, Marcus? See item #6).
Conclusion? Stop chasing the latest and greatest new-fangled attacks and refocus on common entry points, like locking your doors and windows.
Read the CIO magazine article here.
ITauditSecurity 