Security products could soon be the main vehicle for hacker attacks on businesses, an analyst group has warned.
Yankee Group research shows that hackers could be tempted to attack networks by targeting weaker security products rather than desktop and server operating systems such as Windows.
Microsoft claims to have made Windows more secure against attacks, and Yankee’s research seems to back that claim up.
Its analysis of industry vulnerability data shows that in the 15 months to the end of March 2005, security suppliers reported 77 separate vulnerabilities in their products.
Yankee said the rate of discovery of security product vulnerabilities had increased significantly faster than the rate for products made by Microsoft, for instance.
If these trends continued through 2005 the number of vulnerabilities for security products would be 50% higher than for 2004 levels, said Yankee.
“Security researchers are increasingly less interested in poking holes in desktop operating systems,” said Yankee Group analyst Andrew Jaquith. “A more fascinating and profitable area exists in finding vulnerabilities in the products meant to defend against the attacks themselves.
“It is time for the security vendors to stand up and make their own products more secure before they become preferred conduits for professionally designed malware distributed by hackers.”