Network Security

Pentagon Prepares for Cyber War

Computer hacking is a nuisance for anyone, but at the Pentagon, it’s now an act of war. According to the Wall Street Journal, the Pentagon has mapped out a formal cyber strategy identifying computer sabotage from another country as a potential attack on America. This new policy, unclassified portions of which are to be made public next month, prepares against hackers that could interfere with U.S. nuclear reactors, subways, or pipelines in a way as destructive as a physical militant force.

Industrial Hacking Demo Cancelled at Homeland Security Request

A demo of how to hack Siemens industrial control systems was cancelled at TakeDownCon after the Department of Homeland Security and Siemens asked the security expert presenters—nicely—not to show the audience how these systems can be breached. These industrial systems, called SCADA for “supervisory control and data acquisition,” control such things as factory operations, power plants…and warships.

New DIY Malware Targets Mac OSX

If your company uses Windows, you’ve probably been irked more than once by the smugness with which Mac users brag that they don’t have to worry about viruses or other malware. Same goes for Linux users. Turns out they’re both wrong. The Danish security firm CSIS has discovered a new do-it-yourself malware kit targeted specifically at Mac OSX being sold quietly in underground forums under the name Weyland-Yutani BOT.

Ruling: You Can’t Be Sued by IP Number Alone

Just because something comes from your IP address doesn’t necessarily mean you did it. It could have been a colleague borrowing your computer, or a janitor using it after hours. It could even have come from someone outside your office altogether, piggybacking on your Wi-Fi. This self-evident fact has been acknowledged in a new decision by U.S. District Court judge Harold Baker, who ruled that the Canadian adult film company VPR Internationale can’t subpoena an ISP for personal information on its subscribers.

Sony Hackers: We Are Legion

From Wall Street Journal Courtesy: Reuters

As the details of what is being dubbed one of the biggest data breaches to date gradually unfold, the taunting message that the unknown hackers left on a file that Sony recovered seems to come straight out of a movie scene. The message reads, “We are Legion.”

Defending Amazon’s Downtime

Many critics are still castigating Amazon Web Services, after an outage last week hobbled sites ranging from Reddit to Hootsuite to Foursquare. A guest post on Brad Feld’s blog, Feld Thoughts, calls for cooler heads to prevail. (Of course, the writer has an agenda.)

Protect Your Network from Users

A small technology provider installed a T1 and shared it with two other small companies in the same building. One of these was a real estate office that began experiencing network problems. “Fortunately, there was a guy there who had a background in IT,” recalls Danny Nickason, who managed technology for the provider in a previous job, and is now IT director for Genesis Physicians Group. “He told me they were getting heavy pinging, about 25,000 a second, and gave me the IP address it was coming from.”

Devices on a network use “pings” to check the connection to other devices, but viruses can also use them to overload a network. Nickason checked the IP address, which came from a wireless system his company used for demos. He shut down the server in question, and the pings immediately increased to 1 million per second. “It brought both our network and their network down,” he says. “We were hosting eight or nine websites for our clients, and those went down as well.”

Nickason investigated further, and discovered the problem originated with the computer a new employee was using. He began by disconnecting the offending computer, which immediately returned both networks to normal. Next, he tried a virus scan on the computer, and encountered a file that wouldn’t let him complete the scan. The file was located in the computer’s “My Music” directory — the result of downloading infected music files. Because of this activity, Nickason notes, “That employee cost several companies money. We had to send apologies to both the companies using our T1 line, and to our clients whose sites went down.”

Inviting the vampire in

When asked how a network became infected with a virus, Nickason once replied, “The vampire gets in if you invite him in. If you don’t invite him in, he stays out.” This is a major issue in security, where most problems begin with someone downloading an infected file, browsing to an infected site, or leaving a computer unprotected.

“Computers come configured to do just about anything,” notes David Rice, author of the new book Geekonomics: The Real Cost of Insecure Software (Addison Wesley 2007). “So you’re starting out behind the eight ball, as far as security is concerned.” How can you improve those odds? Consider these steps:

1. Invest in educating users. “Employees do stupid things, and attackers are out there trying to trick them,” Rice says. “So making them aware of the dangers is probably the biggest bang for the security buck.” Frequent communication is essential, Nickason adds. “I see too many IT departments hide in a room, waiting to react to problems,” he says. “I’m very vocal, constantly reminding them about security. If there are updates, I make sure to advise everyone to reboot their computers, and leave them running that night. I let them know not to open attachments, even from someone they know, unless it’s something they’re expecting.” Communication also helps build trust. For instance, Nickason reports, suspect e-mail is quarantined until he can look at it and make sure it’s virus-free. Employees could override the quarantine if they so chose — but they never do because they understand the risks.

2. Create an acceptable-use policy. “Some companies say that you can’t make personal phone calls, but they let employees use their computers any way they want,” Rice notes. In one case, he says, he found an employee running a “home-based” business entirely on an employer’s computer. “Most companies have very lightweight acceptable-use policies, if they have them at all,” he says. “You need to have the mindset that the equipment belongs to the company, and should be used only for company business. If you start from there, it’s much easier to influence user behavior.”

3. Don’t assume all users have identical access needs. “Knowledge workers need more Internet access than someone in the mailroom assembling components to ship,” says Adam Hils, primary research analyst specializing in small and mid-sized businesses for Gartner. “Yet many IT departments set the same profile for everyone, so they all wind up with the same access. If you have 100 people in your company, and you give all 100 the same access, but only 50 actually use it for their jobs, you’ve doubled your security exposure unnecessarily.”

4. Don’t prevent people from doing their work. “Your users are higher-order problem-solving primates,” Rice notes. “And they’re trying to get their jobs done. So if you prohibit something, make sure they have another path to doing what they need to.” Otherwise, he says, they’re likely to look for workarounds that may create worse security problems than the one you solved.

5. Accept that mistakes will be made. Ultimately, even the best-educated users will eventually make a security mistake, so make sure your firewall, antivirus, and spyware filtering are as robust as you can make them. Dirk Morris, CTO and founder of the security gateway Untangle, notes that, while purchasing software recently, he himself did an Internet search for a discount coupon, downloaded it, and would have given the company a virus had it not been protected with its own product. “You can educate a lot, and it will make a big difference, but it won’t solve everything,” he says. “There are too many ways even a perfectly well-informed user can still do something harmful.”

Who’s Minding the Network

As communication infrastructure and network services get more complex, small and mid-sized businesses that depend increasingly on IT to support their operations are investigating ways to simplify their technology management requirements. Many are taking a closer look at outsourcing these functions to either large service providers or smaller niche players.

Managed and professional network services are third-party delivered IT support services that span the enterprise wide area networking (WAN), local area networking (LAN) and customer premises equipment (CPE) environments. These services are often delivered through remote tools and automation capabilities.

The reasons for pursuing outsourcing options are many and varied. Buying the technologies that underpin current operations and prepare for emerging requirements can be expensive. But perhaps the bigger impetus revolves around the lack of knowledge and in-house expertise to manage the array of network, integration, security, and business continuity issues. Unless technology is part of your business, keeping up with critical trends in key infrastructure segments can be challenging.

Right for fast-growing firms

While there is a consensus that outsourcing is a viable option for larger companies, some analysts believe this approach may not be as effective for companies under 50 employees. A possible exception to this caveat, however, may be companies that are growing fast.

“Users at the lower end have not been as successful” with managed network services, says Brian Washburn, research director-network services at Current Analysis, a technology consulting firm that helps companies improve their competitive responsiveness. He notes that cost is often a big deterrent for companies this size and unless a company is supporting multiple locations, is growing rapidly or has a very large single site, managed network services may not be the best option.

Jeff Jernigan, analyst with In-Stat, a technology market research firm, agrees and explains that according to end-user surveys, the best candidates for a managed service strategy are companies with 50 to 999 employees. “There are a number of reasons why, but for the most part, it centers on how increasing complexity and convergence are making it more difficult for these [small and mid-sized business] firms’ IT staffs to keep up with the capabilities of larger firms,” Jernigan says.

Web hosting and PBX management

According to In-Stat, the two network functions most commonly outsourced by small and medium-sized businesses are Web hosting and PBX/phone system management, which are more mature than technology like WAN support or security functions. While cost and loss of control of data are often cited as the biggest reasons for avoiding outsourcing, the benefits include the ability to access state-of-the-art technology, access to more qualified IT personnel, and the ability to focus on core business areas rather than IT support.

Service providers are still determining how best to support services for small and mid-sized business customers. Washburn notes that he has seen providers offer services like a managed firewall virtual private network (VPN) and not gain a lot of headway in the market. He has seen success when providers offer integrated solutions. For example, Washburn points out Microsoft and Comcast recently formed a relationship in which Comcast will offer a hosted Microsoft Exchange solution on top of its broadband offering.

Slouching? Measure Your Security Posture

Security posture isn’t just posturing. In fact, this bearing may be the most important aspect of your business’ approach to security. What is security posture? It’s your overall security plan, which protects against internal and external threats, says Jon Clay of Trend Micro, a content security service provider in Cupertino, Calif.

Evidence of security posture can be found in the way you deal with customer receipts, control employee social security numbers, or how often you update the anti-virus software. In other words, security posture is comprised of technical and non-technical policies, procedures and controls.

Security posture is what results from “the strategy you take toward managing your risks,” says Mike Murray, director of Neohapsis Labs, a security-focused consulting firm in Chicago, Ill. And ignorance can cost. A stolen credit card number — whether resulting from a dumpster-diver’s dig through your garbage can or a hacker’s mischief — can result in a large fine from the issuing company.

A three-step approach to security

It’s a balancing act for small businesses. “They have to determine how much risk they are willing to accept,” Clay says, “to determine what level of security they implement.” Analyze compliance requirements and business partners’ mandates. “This will allow them to build out a security posture that minimizes risk while still allowing them to run their business efficiently and profitably,” Clay says.

Murray suggests a three-step approach to security posture assessment and resolution:

1. Determine all the data your competitors, thieves, and other no-gooders want to steal from the business, or from partner businesses. These could include credit card numbers, social security numbers, corporate assets, or even your business strategies for the next six months.

2. Figure out how thieves might acquire the data. Murray says that this step may require a consultant or an in-house expert in risk management. A high-quality assessment will provide details on slack approaches to data, whether in the IT or physical world. “We aptly call it information security,” Murray says, not just technology security.

3. Install controls to prevent theft, at a “palatable” cost, Murray says. Your response may depend upon variables such as your business’ financial situation and the actual likelihood of compromised data.

Few businesses are too small

Trent Dyrsmid, CEO of IT service provider Dyrand Systems, Inc., based in Vancouver, B.C., says he often hears businesses claim, “My company’s too small. No one will hack us. We don’t have anything.” However, “anybody is fair game,” says Dyrsmid, and he points out that many threats can come from within, “like disgruntled employees marching out the door with company data on USB stick or CD.”

Small businesses aren’t immune to simple errors or carelessness, either. “Employees need to know how they should handle sensitive data, as they may not know they could be compromising security,” Clay says. Proactive policy can prevent customer addresses from falling into the wrong hands.

Assessing security posture is one milestone on a company’s path to maturity and healthy growth. Executing change is the next, and repeating the assessment six months later will be the step after that. So straighten up and look around — your business’ posture may be telling you something.

Is Your Network Secure — Physically?

You’ve purchased a firewall to protect your entire network. You’ve installed anti-virus software which updates its definitions daily. You’ve downloaded and installed all security patches for your operating system. You have anti-spyware software regularly scanning your system and removing any unwanted downloads. You may think you’ve done everything necessary to protect your network and devices from security threats. But you might be wrong. “About 80 percent of security breaches are physical in nature,” says Peter Dougherty, president and CEO of OnPATH Technologies, which provides physically secure switches.

Physical security is key

Indeed, if your network and equipment don’t have physical security, you may almost as well not bother with the firewall. “If a hacker gets physical access to a device, all bets are off,” notes Sean Convery, CTO of Identity Engines, a Sunnyvale, Calif., company that provides network access control. How can you make sure your network is safe from physical as well as software breaches? Here are some steps to consider:

1. Lock down servers. Limit access to server rooms and data centers only to those, such as IT staff, who have a legitimate need to be there. “It’s a good idea to lock the doors on the server racks themselves as well,” Dougherty says. He also recommends placing the “management server” — the device used to control and configure the network — in a separate location with its own locked access as a further measure to ensure the network’s physical safety.

2. Don’t forget wiring and switches. Once the servers are secure, take a look at the wires and switches connecting them. “Where is your wire closet? Can the local cable technician get in without authorization?” asks Dougherty. If outsiders have access to the wires and switches that transmit your data, you run the risk of a security breach.

3. Treat cables with care. “Companies typically have some sort of firewall device protecting their network,” Dougherty says. “But because your Internet access comes in from outside, you may have one router on the non-secure side of the network, outside the firewall.” Given the confusing array of devices that are often plugged in side by side, it’s frighteningly easy for an inexperienced or distracted employee to plug in a device outside the firewall. “That’s a very big risk,” Dougherty says. “There are companies set up to do nothing but ping for unprotected networks.” How can you protect yourself from this type of error? One simple but effective solution is to attach a color-coded label to each cable, showing exactly where it should be plugged in.

4. Set some alarms. Consider installing software alarms that will alert IT administrators every time a cable or device is unplugged from the network — or plugged into it. “It should not only generate an alarm, but also automatically lock down the network,” he adds.

Don’t count on encryption

Whatever you do, don’t count on encryption to protect your data in case of a physical security breach. Recently, a research team at Princeton University revealed that, by the relatively simple means of freezing DRAM chips with the liquid nitrogen in canned air, they were able to retrieve encryption keys.

And, if the data is password-protected, access is even easier. “Most operating systems have either a well-known or not-well-known method for password retrieval or reset, such as by booting from a CD,” Convery says. The reason, he adds, is obvious. If a legitimate user loses his or her password, the device becomes an expensive pile of useless metal and silicon without some way to override password protections. And this feature is not limited to computers or servers but includes every piece of electronics, including firewalls themselves, Convery says. “If you can touch the device, and cut power to it, you can reset the password.”