[ISN] Incidences of hacking on the rise, says centre

From: InfoSec News (isnat_private)
Date: Tue Jun 05 2001 - 19:33:35 PDT

  • Next message: InfoSec News: "[ISN] For NSA vet, security's still a hard sell"

    05 June 2001 
    STATISTICS from the National ICT Security Emergency Response Centre
    have indicated that hacking incidences are on the rise in Malaysia,
    averaging 400 new information and communications technology (ICT)
    security cases each year.
    The figures show that among the 70 incidences reported with the
    Malaysian Computer Emergency Response Team (MyCert) - Abuse
    Statistics, intrusion attacks topped the list at 39, followed by 21
    hack threats.
    "The security breaches are due to a weak security policy and poor
    implementation (for example, sharing of passwords, failure to update
    latest anti-virus programs).
    "It can also be a result of human error as in placement of security
    equipment due to lack of enforcement and product understanding," said
    Biodata Information Technology AG senior vice president, Leonard Oh.
    Oh told Business Times that technologically obsolete equipment or
    insufficient security (single layer firewall when double layer is
    required), and the presence of Key escrows and backdoors (Key escrows
    capable of deciphering encrypted messages can fall into the wrong
    hands) also contribute to security threats although they are less
    likely occurrences.
    Biodata, a global provider of network, PC and communications
    technology products, says the rise in computer crime is a direct
    consequence of increased network traffic and electronic-commerce
    "We don't live in a world any more where you can draw lines between
    the 'good' and 'bad' world.
    Company employees can download a Trojan while surfing at home and then
    infiltrate the company network when using the very same laptop PC in
    the office," Oh said.
    "Every new application brings a new threat.
    The market for e-security is growing because companies that use the
    Internet as a way of distribution realise the need to secure
    themselves against dangerous security threats," he explained.
    Biodata, a company that has seen it all when it comes to security
    breaches, said in most cases, system failures can be traced back to
    poor policies and insufficient network security.
    It is therefore advisable to install an intrusion detection system
    that gives real time alerts, once it recognises an attack signature on
    the network.
    "Technology such as Internet, Intranet, Extranet and e-commerce are
    closely linked to one another.
    This is why international companies, financial institutions and the
    Government have to secure their networks and the transfer of data," Oh
    The protection of networks against inner and outer risks gains
    importance with the increasing use of e-commerce sales and e-mails,"
    he pointed out.
    Research firm Datamonitor has indicated that worldwide market for
    network security will rise from US$5.8 billion (US$1 = RM3.80) in 2000
    at a compound annual growth rate (CAGR) of 30 per cent to reach
    US$21.2 billion in 2005.
    "Based on this, even if there will never be a 100 per cent security,
    the present situation where the majority of users and companies have
    not taken appropriate security measures is irresponsible," Oh said.
    "It's like driving Formula One racers on the Internet data highways
    without any brakes and safety precautions," he said.
    Biodata, a company renowned for its data protection systems, says
    businesses simply cannot afford to ignore data protection.
    Today's businesses are drawn to e-commerce to provide better customer
    service, collaborate with partners/employees via Intranet /Extranet,
    reduce communication costs, improve internal communication and access
    valuable information rapidly.
    But the dark side of e-commerce and global connectivity is that
    corporate assets are exposed, data confidentiality and integrity come
    under attack, and there are security concerns with regard to online
    payments, and accountability of Internet transactions.
    "Companies have invested heavily in e-commerce infrastructure and
    hurriedly to get their systems online, but only now do they realised
    that they have built houses without any doors that can be locked to
    thieves and criminals," Oh said.
    ISN is hosted by SecurityFocus.com
    To unsubscribe email isn-unsubscribeat_private

    This archive was generated by hypermail 2b30 : Wed Jun 06 2001 - 05:53:42 PDT