BENGALURU: Around half of all known security breaches on the internet were the result of vulnerabilities which are at least two to four years old, according to Hewlett Packard (HP) which released its 2015 Cyber Risk Report recently.
The report, which is authored by HP Security Research, stated that well known issues and badly configured servers contributed to the most serious threats in 2014.
At a security briefing on the report , Jyoti Prakash, Country Director, India and SAARC, HP Enterprise Security Products said, “Many of the biggest security risks are issues we have known about for decades, leaving organisations unnecessarily exposed. We can’t lose sight of defending against these known vulnerabilities by entrusting security to the next silver bullet technology; rather, organisations must employ fundamental security tactics to address known vulnerabilities and in turn, eliminate significant amounts of risk.”
The report highlights the fact that in 2014, 44 percent of known breaches in company network security were the results of well known techniques and all the top ten vulnerabilities detected and exploited last year were taking advantage of code which was written years ago.
Badly configured servers also allowed attackers access to files which should not have been available and this left organizations open to attacks, the report says. The level of mobile malware detected also rose last year and several Internet of Things (IoT) devices also presented security issues, the report says.
“Most vulnerabilities stem from a relatively small number of common software programming errors. Old and new vulnerabilities in software are swiftly exploited by attackers,” the report says.