[ISN] As Corporate Networks Expand, Some Visitors Come Uninvited

From: mea culpa (jerichot_private)
Date: Tue Apr 28 1998 - 15:38:13 PDT

  • Next message: mea culpa: "[ISN] Hackers, Friend or Foe?"

    Forwarded From: Nicholas Charles Brawn <ncb05t_private>
    "Computer systems at 90% of Japanese companies allow intrusion from
    outside," warned instructor Takeshi Horizoe at a March 26 seminar in
    Tokyo.  The seminar on Internet crime and ways to prevent unauthorized
    access drew some 40 people in charge of systems from the manufacturing,
    financing, distribution and other sectors. 
    Horizoe is a senior consultant at General Accounting & Business Consulting
    Inc. of Tokyo, which handles security for corporate systems. "Some
    companies have a sense of crisis about unauthorized access at the
    management level, and others do not have any such sense," he said. 
    Unauthorized access means that an outsider intrudes deeply into a
    company's system via the Internet to steal or destroy data. 
    Strong sector 
    The company last October started a management service to prevent
    unauthorized access. Manufacturers especially have a strong tendency to
    consider information as an asset, and 21 of 30 companies that use the
    service are manufacturers. 
    Research-and-development data on new products may have immeasurable value. 
    The company said one of its client manufacturers affirmed that it would
    spare no expense to protect information.  Computer-network crime is not a
    problem for manufacturers alone. For example, any company that provides
    information for investors can have its home page altered by outsiders,
    with the potential to gravely affect stock prices. 
    General Accounting's service involves trying to enter a client company's
    system by the same methods as intruders and checking its degree of
    security. The company does not send its personnel to the client,
    performing all functions through the network. "Some home pages have been
    lers with the content illegally altered," Hori-zoe said. 
    After checking defects in the system, the company draws up a report and
    delivers it to the client. General Accounting then can take concrete
    measures, such as installing a guard system called a fire wall, based on
    the report. 
    Fumiaki Yamasaki, the company's general manager for business development,
    said, "It is important for a company to decide what information to
    protect." The larger a company, the larger the investment in security
    normally will be. While most companies pay 6-10 million yen (46,200
    dollars to 76,900 dollars) annually, some large systems may need hundreds
    of millions of yen. 
    Investing in protecting information requires management understanding. 
    General Accounting holds a seminar once a month to call companies'
    attention to the importance of preventing improper access.  In 1997, just
    over 400 cases of unauthorized access were reported to the Japan Computer
    Emergency Response Team. The number, however, is said to be only a
    fraction of the actual figure, since many companies are reluctant to
    disclose such incidents. 
    General Accounting regards companies with annual sales of more than 100
    billion yen as potential clients, and projects contracts with 150
    companies and sales of 630 million yen in the fiscal year through March
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Dimensional Communications (www.dim.com)

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:52:00 PDT