Trustwave's recently published 2010 Global Security Report shows that the top two attack vectors, by far, resulting in breaches are Remote Access Applications and Third Party Connections. Here is the list of the top five:
> 95% Remote Access Application
> 90% Third Party Connection
> 15% SQL Injection
> 10% Exposed Services
< 5% Remote File Inclusion
Clearly for each breach they investigated, there was more than one attack vector. It's also important to note that 98% of their investigations were on Payment Card Data breaches. No surprise since Trustwave is focused primarily on PCI compliance. The report does not indicate what percentage of the breaches occurred at organizations for which Trustwave was the QSA.
Regardless of these caveats, I believe it is worthwhile to note the total dominance of Remote Access Application and Third Party Connections.
It is imperative that organizations upgrade their firewalls to provide network segmentation (zoning) and to be able to recognize and control the use of most major application categories including Remote Access Applications.
Unfortunately you will have to register here to get the full report.
