16.01.2009

FICORA's CERT-FI annual review 2008

Internet is more and more vulnerable

Prevalent vulnerabilities regarding the infrastructure of the internet emerged in 2008. Of these, the most notable one was a vulnerability related to the internet domain name service. If left unpatched, it would have enabled the misdirection of the internet user or routing of e-mail to a false address. The most significant Finnish name servers were soon upgraded to safer versions, which is why the exploitation of the vulnerability remained limited.

Malware are spread systematically
The most common reason behind break-ins is to spread malicious content online. Malware is spread via hacked web servers and spam. Illegal operations exploiting the botnet networks of hacked computers have proved to be more concentrated than expected.

In 2008, FICORA's CERT-FI unit published two information security warnings, 156 vulnerability alerts and 83 Information security now! articles.

The information is presented in the annual review of FICORA's CERT-FI unit responsible for incident handling and response. The review looks at the most significant threats to information security, such as malware and their effects in Finland as well as development trends and future prospects of data break-ins and vulnerabilities. The objective of the review is to support companies and organisations in their attempts to improve the management of information security risks.

The annual review of CERT-FI is available on FICORA's websites at www.ficora.fi and www.cert.fi.

Further information:
Ari Husa, Information Security Adviser, tel. +358 40 722 3130