Forwarded From: Simon Taplin <stickerat_private> Taken from Business Times IT section You have heard of the X-Files where special agents fend off the threat of alien attacks. Now meet the X-Force, a team for software specialists doing battle against equally insidious - and far more real - attacks on your corperate network. The X-Force is a squad of 20 young programmers developing network security products for Internet Security Systems (ISS). Although companies were transmitting an increasing amount of vital data electronically, network security was often neglected, said ISS vice- president of Europe, Middle East and Africa, Alex Bogaerts. "Intrusions and attacks can come from anywhere in the world", he said. "It's electronic warfare." An Ernst & Young survey showed that 42% if companies had suffered "a malicious external attack" - 16% higher from the previous year. Of those attacks, 38% were confirmed as industrial esponiage. Just as distrubing was a finding that 43% of companies were maliciously attacked from the inside, by an employee with a grudge or a desire to see confidential data. About 80% of security crimes were committed by insiders, said Bogaerts. "Every piece of software and every machine has its vulnerabilities. IT could be a bug which lets an intruder take control of a machine or lets them destroy files." Human error was a major contributor to poor security, he said. Research showed that 70% of firewalls leaked because thhey were badly maintained or not configured correctly. In Germany, 43% of companies that had installed the highly expensive and complex SAP enterprise resource management software had not bothered to change the default passwords. A difficulty comes when people try to balance security against the need for easy access for the right people. For instance, a firewall controls access to a network, but makes entry for electronic commerce more difficult. "If you want to do electronic commerce you need security that is pervasive but invisible," said Bogaerts. In addition, a firewall did not give any feedback about who tried to access a networrk without permission. This was useful information for countering an attack. "It is important to know who is attacking because people will come to the firewall first to see how your network functions, before thet attack through a back door," he said. ISS had developed software able to monitor, detect and respond to threats. One product can lead a hacker into areas of the network where they can do no harm, without the hacker recognising he has been detected. Another tool highlights weaknesses in the network and gives step-by- step details how to fix it. "Network security is not a project - it is a basic part of the network," said Bogaerts. ISS is represented in SA by network security company SMC -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:03:23 PDT