Corporations riddled with security holes

Poor corporate IT security is leaving businesses vulnerable - with almost 90 per cent of breaches found to have been preventable.

A trio of studies have painted a damning picture of business security, with online vulnerabilities rising as companies and authorities fail to apply patches, update antivirus software and leave firewalls disabled.

Vulnerabilities on UK company and public sector networks grew from 19 last year to 21 this year according to security analyst NTA Monitor and 87 per cent of data breaches could have been avoided by regular patching and other precautions according to a Verizon Business report into 500 forensic investigations.

Further Plc failings were highlighted by IT security firm Sophos that found that 81 per cent of 580 corporate PCs tested worldwide were missing patches and software updates and had disabled firewalls.

Finance, government, legal, retail and utilities sectors have all seen an increase in the number of overall vulnerabilities according to NTA, with government being the only sector to suffer from all of the top 10 high risk flaws.

Of this year's top 10 vulnerabilities, seven were found in last year's report and all are associated with services being made available to internet users.

Breaches originating outside the company were also the main threat identified by Verizon, responsible for 73 per cent of breaches, with 39 per cent due to a business partner.

Roy Hills, technical director at NTA said in a statement: "A hacker could also gain entry to the corporate network and change users' passwords or delete files, which could wreak corporate havoc.

"These high risk vulnerabilities are widely known and actively exploited by hackers, leaving many companies susceptible to attack."

Below are the top 10 high risk flaws in UK corporate and government networks, according to NTA Monitor:

• Internet Information Servers internet printing protocol is enabled: Enables print jobs to be controlled online and early versions contain a buffer overflow vulnerability that can lead to system compromise.
• Open Secure Shell (SSH) buffer management flaw below version 3.7.1: Some SSH servers are running a version of OpenSSH which is known to be vulnerable to a buffer management vulnerability that can allow attackers to stop servers from working or take control.
• Open Secure Socket Layer (SSL) certificate parsing vulnerability: Some web servers are using OpenSSL to provide encryption. Some OpenSSL versions are known to contain several vulnerabilities that could allow an attacker to carry out a denial of service attack or execute arbitrary code on web servers.
• Chunked Encoding Vulnerability in Apache: Versions of Apache prior to 1.3.26 have a vulnerability in the way they perform decoding of requests making it possible for remote attackers to cause a buffer overflow on affected systems.
• Apache mod_ssl Log Function Format String vulnerability: Some versions of mod_ssl running on a server are affected by this vulnerability. Successful exploitation of this issue would allow an attacker to gain control of processes and execute arbitrary code.
• Apache mod_ssl CRL Handling Off-By-One Buffer Overflow: If a web server is running a version of mod_ssl prior to 2.0.54, it may be vulnerable to a buffer overflow attack that can allow an attacker to trigger a denial of service condition or execute arbitrary code.
• Berkeley Internet Name Domain version vulnerable to buffer overflow: Some versions of BIND running on the DNS server may contain a buffer overflow vulnerability which can allow an attacker to crash the system.
• Microsoft Exchange 2000 MS03-46 Heap Overflow: A Heap overflow vulnerability can be found in MS Exchange 2000 which may allow an unauthenticated attacker to remotely execute commands on the Exchange server and ultimately compromise the system.
• Vulnerabilities in mod_ssl: Versions of mod_ssl are known to contain a vulnerability which allows remote attackers to overflow a buffer and execute arbitrary code.
• Sendmail Remote memory leak buffer overflows: Servers that run some versions of sendmail may be vulnerable to this type of attack, which can allow attackers to cause a denial of service.