[ISN] X-Force combats hackers

From: mea culpa <jericho_at_dimensional.com>
Date: Mon 07 Sep 1998 - 23:05:52 CDT
Forwarded From: Simon Taplin <sticker@icon.co.za>


Taken from Business Times IT section

You have heard of the X-Files where special agents fend off the threat of
alien attacks. Now meet the X-Force, a team of software specialists doing
battle against equally insidious - and far more real - attacks on your
corporate network. 

The X-Force is a squad of 20 young programmers developing network security
products for Internet Security Systems (ISS). Although companies were
transmitting an increasing amount of vital data electronically, network
security was often neglected, said ISS vice-president of Europe, Middle
East and Africa, Alex Bogaerts. 

"Intrusions and attacks can come from anywhere in the world", he said.
"It's electronic warfare." An Ernst & Young survey showed that 42% of
companies had suffered "a malicious external attack" - 16% higher than the
previous year. 

Of those attacks, 38% were confirmed as industrial espionage. Just as
disturbing was a finding that 43% of companies were maliciously attacked
from the inside, by an employee with a grudge or a desire to see
confidential data. 

About 80% of security crimes were committed by insiders, said Bogaerts. 

"Every piece of software and every machine has its vulnerabilities.  It
could be a bug which lets an intruder take control of a machine or lets
them destroy files." 

Human error was a major contributor to poor security, he said.  Research
showed that 70% of firewalls leaked because they were badly maintained or
not configured correctly. 

In Germany, 43% of companies that had installed the highly expensive and
complex SAP enterprise resource management software had not bothered to
change the default passwords. 

A difficulty comes when people try to balance security against the need
for easy access for the right people. For instance, a firewall controls
access to a network, but makes entry for electronic commerce more
difficult. 

"If you want to do electronic commerce you need security that is pervasive
but invisible," said Bogaerts. 

In addition, a firewall did not give any feedback about who tried to
access a network without permission. This was useful information for
countering an attack. 

"It is important to know who is attacking because people will come to the
firewall first to see how your network functions, before they attack
through a back door," he said. 

ISS had developed software able to monitor, detect and respond to threats.
One product can lead a hacker into areas of the network where they can do
no harm, without the hacker recognising he has been detected. 

Another tool highlights weaknesses in the network and gives step-by-step
details how to fix it. 

"Network security is not a project - it is a basic part of the network,"
said Bogaerts. 

ISS is represented in SA by network security company SMC

-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Tue Sep 8 09:01:20 1998