"Senate Panel Agrees with Avolio"

Okay, the headline actually says, Senate Panel: 80 Percent of Cyber Attacks Preventable, but basically the panel said what I have said in over 60 different blog entries (according to this search on "same old"). The article by Kim Zetter opens with this statement:
If network administrators simply instituted proper configuration policies and conducted good network monitoring, about 80 percent of commonly known cyber attacks could be prevented.
This October 2009 Wired article is an example of what I'm (and they are) talking about. The headline states "Time Warner Cable Exposes 65,000 Customer Routers to Remote Hacks." It goes on to mention "The device is installed with default configurations." (See what I wrote about default configurations and what to do about them at Top Ten Security Threats, but in this case it would not have helped as Time-Warner did not permit changing the router in question.)

Another Wired article pointing out a similar problem states, Scan of Internet Uncovers Thousands of Vulnerable Embedded Devices

Why don't we get it? None of it is expensive. None of this is hard. None of it is new.

No comments: