The National Vulnerability Database has been brought back online following an extended outage prompted by a successful infiltration of its website last week.
The National Institute of Standards In Technology (NIST) followed standard protocol when it brought the site and related websites offline after detecting suspicious traffic attempting to communicate to remote servers. The agency found malware on two web servers, which was then traced to a software vulnerability, according to Gail Porter, director of the NIST public affairs office. The site and a handful of other sites connected to the web servers were taken offline March 8.
Porter announced the return of the NVD site in addition to the National Checklist Repository website, which was also brought back online Friday. "We are still working to restore other sites associated with the NVD as quickly as possible," Porter said.
Porter did not comment on the nature of the vulnerability that was targeted in the successful attack last week. The sites were not set up as attack platforms, she said, adding that the malware infection appears to be contained.
"NIST continually works to maintain the integrity of its IT infrastructure and acts to limit the impact of malware on its systems," Porter told CRN. "We regret the impact this has had on our services."
Website vulnerabilities are the most commonly targeted bugs by cybercriminals. Sites are plagued with coding errors and attack toolkits have automated the process of finding them on the Internet and setting up attack platforms to spread malware to site visitors.
Cross-site scripting and SQL injection errors continue to be the most prevalent and highly targeted web application vulnerabilities, according to a new report issued by Campbell, Calif.-based web security vendor Cenzic. Website content management systems and their components also harbor many vulnerabilities and often lack the latest patches, making them easy targets of attack.
PUBLISHED MARCH 15, 2013