dirtycow
Security

What if we gave non-technical security issues vulnerability logos and names?

What could do more damage to your business: CVE-2017-8759 or Epic Banana? CVE-2017-0262 or Extra Bacon?

Funny exploit names are all the rage: This year we’ve had WannaCry (powered by EternalBlue), NotPetya, Krack, and Pork Explosion. In years gone by we’ve had Heartbleed, StageFright, Shellshock, Dirty Cow, Poodle, and Freak. Many come with a nice logo so media outlets don’t have to those terrible stock photos of hacking (even cyber criminals ‘get’ branding these days).

But there’s also been hundreds, if not thousands, of other vulnerabilities, exploits, and problems, most of which probably didn’t come with fun names or logos, just technical names. While the fun ones grab the attention, are they all as equally bad?

“It’s actually driving the wrong behaviour, because when we see these vulnerabilities come up suddenly it drives a knee-jerk, ‘go patch all the things’ reaction,” Gavin Millard, Technical Director at Tenable Security, told IDG Connect last year.

His argument is that the addition of a logo and catchy name mask the seriousness of the vulnerability; where Heartbleed and Shellshock were very dangerous, Freak and Poodle weren’t as bad, something which is impossible to tell without the right background knowledge, yet all create similar levels of ‘Are we adequately protected?’ hysteria.

To continue reading...


PREVIOUS ARTICLE

« Why the retreat from the public cloud?

NEXT ARTICLE

Why you need an effective IP exit strategy »
author_image
Dan Swinhoe

Dan is a journalist at CSO Online. Previously he was Senior Staff Writer at IDG Connect.

  • twt
  • twt
  • twt
  • Mail

Recommended for You

Trump hits partial pause on Huawei ban, but 5G concerns persist

Phil Muncaster reports on China and beyond

FinancialForce profits from PSA investment

Martin Veitch's inside track on today’s tech trends

Future-proofing the Middle East

Keri Allan looks at the latest trends and technologies

Poll

Do you think your smartphone is making you a workaholic?