[ISN] Small firms 'shun' PC security

From: InfoSec News (isnat_private)
Date: Fri May 16 2003 - 00:29:38 PDT

  • Next message: InfoSec News: "[ISN] Secunia Weekly Summary"

    http://news.bbc.co.uk/2/hi/technology/3029955.stm
    
    15 May, 2003
    
    Britain's small businesses are taking risks with the security of their 
    computer networks, say experts. 
    
    A survey has found that although most are protecting themselves 
    against viruses, far fewer use software to stop other increasingly 
    popular attacks. 
    
    Without extra protection small firms could find that malicious hackers 
    can penetrate their networks to delete or steal data or use them to 
    carry out attacks on others. 
    
    The survey also found that small firms are taking too long to apply 
    the latest updates to software leaving loopholes open for others to 
    exploit. 
    
    Wholly holey 
    
    A survey carried out for security company Symantec has found that 97% 
    of British small firms are using anti-virus software to protect 
    themselves. 
    
    The firms questioned were confident that this meant that they were 
    adequately protected with 96% saying they felt sure key data was 
    secure. 
    
    But Symantec said that other findings of the survey showed that this 
    confidence could be misplaced. 
    
    The survey found that 30% of firms had no firewall and 63% did nothing 
    to monitor their networks to see if malicious hackers had compromised 
    them. 
    
    "Modern blended threats, such as Nimda and Code Red, are designed to 
    contain characteristics of many different types of cyber threat so 
    they can probe security defences until they find a way in," said Kevin 
    Chapman, spokesman for Symantec, "anti-virus alone will not stop 
    them." 
    
    High-speed persistent net connections are a favourite target of 
    computer criminals who regularly send out software probes to seek out 
    networks that are not doing enough to protect themselves. 
    
    Many of the probes search for key weaknesses and holes in software 
    that remain unpatched. 
    
    The survey found that small firms struggle to keep up with the number 
    of patches that software makers issue to close loopholes. 
    
    Only 26% of the small businesses questioned install patches as soon as 
    they became available and many said applying these patches was not a 
    priority for them. 
    
    "No-one wants to be wise after the fact," said Mr Chapman. 
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Fri May 16 2003 - 02:37:19 PDT