Tim Wilson at Dark Reading makes a very good point about something that irks me – vendors who publish self-serving “research” about issues that will help sell their products. Also – he has found two articles, both with merit and I agree with him:
The IronPort study goes beyond the usual “hacker trends” research and asks some important questions about who’s funding the rapid growth of botnets. The answer: pharmaceutical resellers, who need botnets as a launching pad for extensive spam campaigns that sell prescription drugs illegally.
What’s impressive about the IronPort study is not just the technical research that led the authors to analyze the use of botnets and backtrack their use for specific campaigns. What’s impressive is that IronPort actually went as far as ordering some of the illegal drugs and having them analyzed, proving that most of them contained the wrong dosage or were out-and-out placebos. Do we need to ask any more questions about the legitimacy of these spammers? It certainly doesn’t seem so.
Similarly, the Verizon report offers some real meat to the discussion over how data security breaches occur. Instead of just asking breached businesses what they think, the Verizon study compiles data from actual forensic investigations conducted at major corporations over a three-year period. If anybody knows what caused a breach, it ought to be a forensic investigator. (See Verizon Study Links External Hacks to Internal Mistakes.)
Like the IronPort study, the Verizon study doesn’t just look at the symptoms and effects of a security problem, but attempts to identify the causes. What it shows is that most breaches are the result of multiple factors, rather than just one — typically, an internal mistake followed by a shrewd exploitation of that mistake by an attacker.
Good one, Tim.
http://www.darkreading.com/blog.asp?blog_sectionid=327&f_src=drdaily
