Start your day with intelligence. Get The OODA Daily Pulse.

Early Alerting – The Key To Proactive Security

The security challenges facing today’s enterprise networks are intensifying — both in frequency and number. The Blaster worm arrived just 26 days after Microsoft disclosed an RPC DCOM Windows flaw and released a patch for vulnerable systems. The worm took advantage of what some security experts have called the most widespread Windows flaw ever. For a time, Blaster was infecting as many as 2,500 computers per hour. One thing is becoming unmistakably clear: Time is no longer on our side. As an indication of just how much the environment has changed, consider that the far-reaching Nimda and Slammer worms had vulnerability threat windows of many months, leaving plenty of time for the vendor of the vulnerable software to create a patch and warn the public, reducing potential threat damage. A study conducted by Qualys and released in July, that correlated nearly 1.5 million scans over the course of a year and a half found that 80 percent of exploits are released within 60 days of a vulnerability’s announcement. Security specialists often speak of the “vulnerability threat window,” or the time between the discovery of a vulnerability and an exploit of that vulnerability by a specific threat. Blaster, as we have seen, arrived just weeks after Microsoft announced the RPC DCOM vulnerability, leaving little time for administrators to secure their networks. Full Story