Forwarded From: Nicholas Charles Brawn <ncb05t_private> 29Oct98 UK: INTERNAL HACKING COSTS USERS DEAR. By Marcia MacLeod British business is losing thousands of pounds annually through unauthorised hacking of internal systems. According to the Department of Trade & Industry, internal hacking has cost UK organisations #1.5bn since 1992. Seventy per cent of all hacking incidents come from within the company. As delegates at the Information Security and Corporate Strategy conference held in London this week heard, these figures probably only reflect a small percentage of the illegal hacking carried out, since most firms do not publicise incidents in which their systems are accessed by unauthorised individuals. "If someone is caught, it looks bad for the company," said David Cazelet, director of information security for Diligence, which organised the London event. "Normally, internal hackers are let off to avoid publicity." Diligence says programs explaining how to gain illegal access to data or cause systems to fail can be downloaded from the Internet. Sites such as Cult of the Dead Cow and H/P/A/V/C offer packages such as back orifice, brute force attack and network sniffer. It is not illegal to download these files. However, accessing a computer system illegally is an offence under the Computer Misuse Act 1990. Firewall is breached Firewalls may not provide sufficient protection against illegal hackers, internal or external. Diligence broke through Firewall-1, one of the most popular firewalls on 24 October. There was no trace or logging of the break. The breach took place against the latest version of Firewall-1, which is made by Israeli company Check Point Software Technologies. Firewall-1 is believed to be used by more than 60% of European organisations. COMPUTER WEEKLY 29/10/1998 P4 -o- Subscribe: mail majordomot_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:09:29 PDT