As difficult as 2003 was for businesses battling waves of security problems, next year promises to be just as bad, perhaps worse, as additional threats develop from peer-to-peer file sharing software and spyware, an end-of-the-year analysis released Monday by TruSecure concluded.
Based on research conducted on malicious code from the WildList Organization -- a virus and worm clearinghouse that tracks malware actually out and in the wild on the Internet -- TruSecure's ISCA's Labs tagged 2003 as one hellacious ride.
"No doubt, 2003 was bad," said Bruce Hughes, the director of malicious code research at ICSA Labs.
The biggest news, he said, was the huge increase in what he dubs 'perimeter killer' worms, those which don't spread via the traditional method of e-mail but instead directly attack networks through software vulnerabilities and open ports to the Internet. The best examples in 2003 -- SQL Slammer, Blaster, and Nachi -- knocked out thousands of servers and workstations during the year. The number of such worms increased by 200 percent from the start of 2003 to its conclusion, according to Hughes' research.
Although mass-mailed viruses and worms like Sobig will continue to increase, albeit at a relatively slow-paced rate, most enterprises are blocking their payloads at the gateway by refusing to allow executable file attachments through to end users. Not so with consumers, who will still struggle with these more-or-less traditional security threats during 2004.
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
