third Cyber Security Assessment Netherlands - NCSC

More documents

Recommendations

Info

Development in number of CVE IDs and security advisories 2500 250 2000 200 1500 150 1000 100 500 50 2010Q1 2010Q2 2010Q3 2010Q4 2011Q1 2011Q2 2011Q3 2011Q4 2012Q1 2012Q2 2012Q3 2012Q4 2013Q1 NCSC security advisories Trend NCSC security advisories CVE IDs Trend CVE IDs Figure 5. Number of CVE IDs per quarter Impact of vulnerabilities per quarter 2012Q2 - 2013Q1 80 70 60 50 40 30 20 10 0 2012Q2 2012Q3 2012Q4 2013Q1 Low (CVSS) Moderate (CVSS) High (CVSS) Low (NCSC) Moderate (NCSC) High (NCSC) Figure 6. Seriousness of vulnerabilities per quarter 80
Detailed section » 7 Vulnerability of IT Development in new web-based vulnerabilities 2005-2012 1200 1000 800 » 600 400 200 0 y2005 y2006 y2007 y2008 y2009 y2010 y2011 y2012 XSS SQL injection CSRF Figure 7. Development in web-based vulnerabilities 7.2.2 Impact of vulnerabilities in software An analysis of the CVE registrations and NCSC security advisories reveals that the majority of vulnerabilities have a moderate impact: this is true of approximately 40 to 61 per cent of all vulnerabilities (Figure 6). There has been little change in the impact of vulnerabilities over the previous four quarters. What is notable is that the proportion of vulnerabilities with the highest CVSS score (10) has increased in recent years. This means that an increasing proportion of the vulnerabilities are easy to exploit (remotely, not complex and without authentication) and they also have a high impact (availability, integrity and confidentiality are all compromised). This highlights the importance of patching software. 7.2.3 Causes of vulnerabilities in software Table 8 describes the top 10 causes of vulnerabilities throughout the reporting period of this CSAN. Research shows that errors concerning memory management (primarily buffer overflow) in standard software have been the most common vulnerabilities for over 25 years, despite the raft of [55: VU 2012] measures that have been developed in the meantime. Description Number of registrations 1 Buffer overflow 625 2 Cross-site scripting (XSS) 556 3 Insufficient input validation 503 4 Problem with authorisation and access control 498 5 Resource management 283 6 Accidental disclosure of information 184 7 SQL injection 146 8 Computing and conversion errors 124 9 Cross-site request forgery (CSRF) 122 10 Code injection 105 Table 8. Major causes of vulnerabilities It is notable that many of the vulnerabilities are related to web applications: cross-site scripting (XSS), SQL injection and cross-site request forgery (CSRF) are common in web applications and are therefore the cause of many vulnerabilities. There has been a clear decline in SQL injection following a peak in 2008 (Figure 7). There has unfortunately been an increase in XSS. This is noteworthy, certainly given the fact that developers now assume XSS to be a known vulnerability. The graph below outlines the trend in developments of these web-based vulnerabilities during recent years. 81
Page 1:
Cyber Security Assessment Netherlan
Page 4 and 5:
National Cyber Security Centre The
Page 7:
Contents Foreword 3 Summary 7 Intro
Page 10 and 11:
on governmental organisations and b
Page 12 and 13:
However, it is assumed that they ar
Page 15 and 16:
Introduction Information Technology
Page 17:
Core assessment 1 Interests 17 2 Th
Page 20 and 21:
1.2 Dependency IT dependency contin
Page 22 and 23:
Increased IT dependency in electric
Page 24 and 25:
on the internet such as an electric
Page 26 and 27:
approached or incited by states for
Page 28 and 29:
Actor Intentions Skills Targets Sta
Page 30 and 31:
get the script kiddies started. One
Page 32 and 33: location’, there is no one single
Page 34 and 35: Furthermore, business information c
Page 36 and 37: environments often arise from the i
Page 38 and 39: not only smart phones, tablets or c
Page 40 and 41: 5.3 Technology Norms, guidelines an
Page 42 and 43: ACM seeks active collaboration with
Page 45 and 46: Core assessment » 6 Manifestations
Page 53: Core assessment » 6 Manifestations
Page 57 and 58: Detailed section » 1 Cyber crime
Page 59: Detailed section » 1 Cyber crime
Page 62 and 63: magnitude of digital espionage inci
Page 65 and 66: Detailed section » 3 Botnets 3 Bot
Page 67 and 68: Detailed section » 3 Botnets » Do
Page 69 and 70: Detailed section » 4 DDoS 4 DDoS
Page 71: Detailed section » 4 DDoS 4.3 Resi
Page 74 and 75: An attacker can abuse devices linke
Page 77 and 78: Detailed section » 6 Grip on infor
Page 79 and 80: Detailed section » 6 Grip on infor
Page 81: Detailed section » 7 Vulnerability
Page 85 and 86: Detailed section » 7 Vulnerability
Page 91: Detailed section » 7 Vulnerability
Page 94 and 95: Leak in the Humannet website belong
Page 96 and 97: In 2012, ACM received a total of 14
Page 98 and 99: car park will not open. It is annoy
Page 100 and 101: 9.6 The resilience of ICS Security
Page 102 and 103: 100 [22: McAfee 2013-2] McAfee: Thr
Page 104 and 105: 102
Page 106 and 107: Incidents Types of government incid
Page 108 and 109: Classification Classified data Clou
Page 110 and 111: Information Information security In
Page 112 and 113: Spoofing/IP spoofing SQL injection
Page 114: 112
show all

third Cyber Security Assessment Netherlands - NCSC

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?