Cyber ​​Security, we finally have an "Infosec" web application

(To Massimiliano D'Elia)

According to recent studies, a constant number of companies have claimed to have suffered a cyber attack (37,6%) with an exponential growth in the number of attacks per company, organization. This phenomenon affects companies whose size and notoriety, at an international level, make them an attractive target for Cybercrime, which will attack them repeatedly, with increasingly sophisticated techniques. 

These are some of the data contained in the sixth edition of the study ofObservatory on Digital Attacks (Oad) made by Aipsi, the Italian chapter of Issa, and presented by F5 Networks.

The report analyzes the attacks detected in 2015 on the IT systems of organizations of all sizes and product sectors, including central and local public administrations, and notes how companies react today and what are the prevention, protection and recovery tools in use to counter and limit the effects.

If the known vulnerabilities are normally resolved by the manufacturer-suppliers, issuing patch and updates of ; these are not always installed promptly by the companies, and only the 44,5% of the respondents declared to update the in use.

Some vulnerabilities, not known or remedied, can turn into a dangerous weapon for the Cybercrime. The most critical and widespread vulnerability, according to the interviewees, is still linked to people's behavior: good faith, inattention or naivety, lack of knowledge of how to use ICT tools safely and low sensitivity to IT security remain the cause. main of most successful attacks, especially in a context where personal vulnerabilities related to social networks, email, and mobile devices, greatly amplify the phenomenon. 

Italy has been facing the problem with the necessary attention only for a few years. The system and the computer architecture of the companies, the Public Administration and above all the critical structures must be able to defend themselves with top-level security applications. Unfortunately the effectiveness of the applications is directly proportional to the investments, which almost all companies do not have in their budgets. How much money could be lost, following a malicious attack, is overlooked. Only the State can and must remedy to safeguard the security of the country's production system.

Finally something has moved in this direction, Computer Emergency Response Team (Cert) of the Public Administration and Agency for Italy Digital of the Presidency of the Council of Ministers announced one web application whose goal is to provide a tool for a correct assessment of cyberthreats brought to IT infrastructures.

"Infosec" is online, one web application for cyber security focused on the management of application vulnerabilities and related risks. Starting from a single vulnerability, it is possible to trace the type of weakness (CWE) of the entity subject to the security flaw and from this take into consideration the various attack techniques (Common Attack Pattern Enumeration and Classification, Capec) associated with the weakness itself.

The purpose of the application is to be a tool to support security management in the assessment phase following the release of new vulnerabilities.

But it is also possible to develop an inverse logic that, from the attack technique undergone, allows to arrive at the CVEs (and therefore the vulnerabilities) used, by crossing the CPE data included in the CVE entities with theasset manager organization.

In practice, the site, which aims to provide a tool for a correct assessment of the cyber threats brought to IT infrastructures, is an aggregator of data and information related to attack techniques, vulnerabilities hardware e , originally published by MITER and released with detailed specifications by the "National Vulnerability Database" (NVD).  

I can say that you're running for cover, better late than never !!! It is an important starting point in the fight against cybercrime.

(photo: US Air Force)