Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

A Year In Review - A Look Back at 2007

Published: 2007-12-29
Last Updated: 2007-12-31 19:57:25 UTC
by Deborah Hale (Version: 1)
0 comment(s)

Here we are, closing in on the end of another year.  The year 2007 has been a rather interesting year in the land of bits and bytes and the land of the Internet/Cyberspace. I was contemplating the past 12 months and trying to determine what the highlights would be.  I decided to turn to the Internet itself and see what my fellow computer security folks were saying.

I first turned to the folks at IronPort.  IronPort has posted a paper on their site that gives their take on the past 12 months.  Their observations are quite interesting and in my opinion on target.  You can take a look at their report at:

http://www.ironport.com/securitytrends/

In their report they indicate that it appears that the spam volume has increased and has become more dangerous in nature.  No longer does spam just try to sell us ridiculous things it now attempts to lure us into clicking on the link that leads to identity theft and/or malicious program installation and virus infections.  I know that it has been said a hundred times in the past but it bears repeating…  Think Before You Click…  If only we could get this one point across to our non techie, home users, we could clean up a lot of the bad stuff happening out in Cyberspace.

Next I turned to our own SANS Internet Storm Center.  

http://isc.sans.org/diaryarchive.html

One of the biggest threats we had this year was the early and on going outbreak of the Storm worm/Trojan/virus.  Around the middle of January 2007 we began to see emails surfacing with subjects ranging from dangerous storm in Europe, super bowl excitement, to announcements of the death of Castro and Hussein’s resurrection.  Throughout the year our inboxes were blasted with greeting card links from family members, business colleagues, friends celebrating every holiday between Super Bowl Sunday and the upcoming New Years Day.  At its heyday some “experts” believe that we had as many as 10 million infected computers.  Microsoft Defender update is said to have removed the infection from close to 250,000 computers alone in the month of September. We do know that there are still a number of infected computers out there and plenty of Storm Bot activity still exists.  A new round started last week and is trying to get a foot hold on computers that are not already infected or have been cleaned and not been properly protected. The only way we can eliminate this type of activity is to become Cyber Savvy and conscientiously work to improve the security of our business and our home computers.

This year also saw an increase in the number and sophistication of the XSS, PHP and web defacements.  It seems like every time we turned around there was another alert, warning or patch being released. 

We also had the change to the Daylight Savings Time begin and end to deal with.  Luckily this for the most part turned out to be a non event.  Sure there were some problems but the Internet did not crash and burn as a result of the change.  Now as to whether or not this change was wise and is really going to save energy/money/fuel has yet to be seen.  I am not sure how long it will be before we see anything concrete on that topic.

Back in October, if you recall, we did a full month of Cyber Tips.  I for one can tell you we got some tremendous input from our readers on both the topics that should be covered and on the information/action items that were posted in the diary each day.  It was great getting the feedback and I think all of the Handlers that participated and assisted in the development and review of this information did a terrific job. And I think we all felt that we had learned a lot from you, our loyal readers.

Then I turned to SANS Institutes Top 20 and Top 10 lists.  A Must reading for all who are involved in Internet or Computer Security.

SANS again has updated the Top 20 Security Risks

http://www.sans.org/top20/

 and

the Top 10 Security Trends

http://www.sans.org/resources/10_security_trends.pdf

It is very helpful and interesting reading. If you haven’t looked at these already you should.  May even give you some insight into things to come.

I could go on for pages and pages about the year in review.  However, that might be pretty boring.  So with that I would like to open this up to you our readers.  What do you think was the most interesting/critical thing that we faced in 2007?  If you have any thoughts on what 2008 will hold, let us know. 

I have been trying to figure out what my slogan for 2008 will be.  I haven’t found a really awesome one yet.  I am leaning towards:

 Security – Make it great in 2008.

Let us know if you have any really good ones. In the meantime, I want to say thank you to the best group of friends I have ever had, my fellow handlers.  To those of you that I have met in person and to those who I only know from the “room” and email, may you have the happiest New Year ever.  I look forward to spending another year with each and every one of you.  To all of our readers and contributors, thanks for an awesome year and I look forward to hearing from you in 2008.

Signing off – Til next year.

Deb

 

Update 12-31-07:

 It appears that Symantec has posted their 2007 Year In Review. They have a very interesting list. Thanks to Juha-Matti for sending us the link.

www.symantec.com/enterprise/security_response/weblog/2007/11/a_lookback_at_the_security_tre.html

Keywords:
0 comment(s)
Diary Archives