Black Hat attendees pick mobile threats as the next hot security topic

Share this article:

Mobile threats were considered the next major security issue by IT professionals who attended the Black Hat conference in Las Vegas this week, according to a survey released today by Symantec.

The respondents, 42 percent of which were IT managers, also cited virtualization and web services as future hot topics. Web technologies were considered the area of greatest concern for IT managers, according to the survey.

Javier Santoyo, a manager at Symantec Security Response, told today that security professionals realize mobile devices will be more frequently targeted as technology improves.

"Mobile has always been interesting. In Eastern Europe and Japan, it’s always been bleeding edge, and as we see more and more here with the smart phones, where you can basically do everything you can do on your PC, you can tell that’s the next approach," he said. "In that sense, you make everyone a remote user in your enterprise."

A majority of IT managers (60 percent) are most concerned with vulnerabilities on Windows XP platform and least concerned with flaws on Linux, according to Symantec. Interest among IT managers in reviewing Microsoft’s Windows Vista platform dropped 14 percent to 41 percent of all respondents this year; however, it still receives the most interest from IT managers.

Thirty-eight percent of IT managers said they were concerned with Vista vulnerabilities, a seven percent increase from 2006.

Thirty-six percent of respondents said they were researching messaging and scripting technologies at the conference, followed by operating systems and infrastructure networking technology, according to the survey.

Respondents were decidedly against public vulnerability auctions. Eighty percent of those surveyed said such auctions put the public and the vendor at risk. Fifty-nine percent of respondents identified themselves as researchers who are paid the market rate for their research, regardless of who ultimately purchases the vulnerability.

Santoyo said today that even at a conference known for attracting hackers, public opinion has tilted against vulnerability auctions.

"It’s somewhat obvious in the sense that auctions cause unsafe environments. Basically, IT managers and researchers all understand that if they all start auctioning off vulnerabilities, it’s only going to increase the risk to end-users. Of course, that doesn’t mean they won’t do it anyway," he said. "I think that everyone understands the implications behind it, and that it’s not going to be a good thing, that it’s going to do harm."


Click here to email Online Editor Frank Washkuch.

Click here for the latest SC Magazine Podcast – July 30, 2007: Is the iPhone an IT security threat?

Share this article:

Sign up to our newsletters

More in News

Hackers target video game companies to lift copy protections and develop cheats

A threat group is targeting video game companies in order to lift DRM protections, develop cheats and possibly to steal source code.

Android malware spreads via mail tracking SMS spam

The mobile malware is currently targeting German users, McAfee revealed.

About 2,800 victims of worldwide info-stealing campaign targeting various sectors

About 2,800 victims of worldwide info-stealing campaign targeting ...

Unknown attackers have claimed about 2,800 victims in an ongoing information-stealing campaign identified by Kaspersky Lab as "Crouching Yeti."