NTA Monitor

Latest News

New version of network scanning tool arp-scan released

15th March 2011 A new version of a respected and popular network scanning tool has been released. Read More

Tests show rise in number of vulnerabilities affecting web applications with SQL Injection and XSS most common flaws

1st March 2011 SQL injection and cross-site scripting (XSS) were the most common flaws found in web applications in 2010 according to results from tests carried out by NTA Monitor. Read More

Assess risk to manage effects of budget cuts

9th February 2011 Signs of economic recovery may be appearing in some industries, but for most organisations - particularly in the public sector - budget cuts and cost savings are here to stay for the foreseeable future. Read More

"Basic security threats not changed in 15 years"

1st February 2011 There may have been significant technological advances to the hardware and software organisations use, but according to Roy Hills, who co-founded NTA Monitor in 1996, the basic security threats have not changed in the last 15 years. Read More
Date: 1st June 2007
Risk: Informational

NTA Monitor's 2007 Annual Security Report has revealed that 32% of UK organisations tested had critical vulnerabilities that are widely known and actively exploited by hackers, compared to 61% in the 2006 report, indicating that companies have improved their security posture in the last year.

The report analyses data gathered from vulnerability tests conducted by NTA on UK companies in a wide range of industry sectors, including charities, education, finance, government, IT, law and retail.

Although the number of tests exposing vulnerabilities that may enable external users to gain unauthorised system access or disrupt service availability has almost halved, the picture is not bright for everyone. Whilst improvements in overall security have been achieved by most industry sectors, publishing and finance have seen an increase in the average number of vulnerabilities found per test. For financial institutions, the average number of risks increased by 16% year on year, whilst publishing saw an increase of 28%.

Roy Hills, Technical Director at NTA Monitor, says: "There are a variety of ways of causing Denial of Service attacks, one of which occurs when a server is bombarded with more information than it can handle, resulting in legitimate users being unable to access or use the network. Other security flaws that our testing discovered could permit hackers to gain entry to corporate networks and change users' passwords or delete files, which could wreak corporate havoc."

Of the 10 most commonly occurring critical vulnerabilities, seven were found in last year's report, indicating that these same issues continue to take their toll. All of the top 10 high risk flaws are associated with services that are being made available to Internet users, demonstrating that with increased functionality comes the threat of reduced security.

NTA Monitor recommends that companies apply the following recommendations to raise awareness and minimise their exposure to IT security risks:

A copy of the NTA Monitor Annual Security Report 2007 is available on request from NTA Monitor. Call 01634 721855 and ask for Judith Holmes or email marketing@nta-monitor.com

References