NTA Monitor

Latest News

Living with threats

1st August 2010 Back in 2004, Bill Gates predicted that spam would be a thing of the past within two years. As we all know now, and quite a lot of people predicted at the time, far from being a solved problem, the volume of spam has continued to increase. Read More

Web application security goes from bad to worse in many sectors

27th July 2010 NTA Monitor's 2010 Annual Web Application Security Report analysed the data gathered from web application security tests performed for a wide range of industry sectors over a 12-month period... Read More

IT Managers get to grips with Internet security issues

4th May 2010 According to NTA Monitor's 2010 Annual Security Report, the average number of Internet security vulnerabilities afflicting organisations has fallen.. Read More

Responsible Patching

1st January 2010 Microsoft's response to the "zero day" exploit that was used in the cyber attacks against Google shows that software vendors still have a lot to learn when it comes to responding to vulnerabilities. Read More

NTA Monitor's Annual Security Report 2006 released

NTA Monitor's 2006 Annual Security Report reveals that education is the most vulnerable sector to network attacks. Tests were conducted on a variety of sectors, including charities, education, finance, government, IT and retail.

The report discovered that 61% of companies tested have one or more high risk vulnerability in their Internet connections. NTA classifies a high risk flaw as a vulnerability that allows unauthorised external users to obtain system access. The vulnerability is widely known and actively exploited by hackers, leaving companies susceptible to Denial of Service attacks or remote system compromise.

Roy Hills, Technical Director at NTA Monitor, says: "The majority of the high risk flaws found were service specific, relating to the services that were accessible within the gateways tested. Nine of the ten most commonly occurring high risk issues fell within this area, with the remaining issue being Internet router related. An attacker who was aware of the programs being used and their flaws could exploit those vulnerabilities to gain network access or launch a Denial of Service attack."

The report analyses data gathered from vulnerability tests conducted by NTA Monitor during 2005 on UK and international companies in a wide range of industry sectors, including charities, education, finance, government, IT, law and retail. The industry sector with the highest number of vulnerabilities was education, with an average of 61 risks per test, followed by government with an average of 26 risks per test. The lowest number of risks per industry sector was found in the mining sector and housing associations, which each had an average of 11 risks per test.

Hills continues: "Of the companies tested, 99% had one or more informational risks indicating that typically companies have poor security housekeeping policies or lack the knowledge of how some Internet mechanisms work. These companies need to tighten their procedures and fix flaws as soon as they are discovered to further minimise the risk of attack."

Overall, the 2006 Annual Security Report findings show that although organisations tested have taken steps to reduce the amount of high risk security vulnerabilities on their networks, they are still too common, leaving companies and public sector organisations unnecessarily vulnerable.

You can request the full report from NTA Monitor by emailing marketing@nta-monitor.com.

This article was first released on: 28th June 2006