June 2004 – Page 5 – CyberSecurity Institute

Companies lack plans in case of terrorist attacks

Posted on June 9, 2004December 30, 2021 by admini

A majority of security executives surveyed said their companies don’t have plans to cope with an unconventional terrorist attack, even though most believe that a terrorist attack of some kind is likely to occur in the coming months, according to the results of a poll released by CSO magazine today.

The survey of 476 chief security officers and senior security executives found that 60% believe that a terrorist attack is likely in Boston or New York, which are hosting the Democratic and Republican political conventions this summer, respectively. While 63% of CSOs said their companies have planned for conventional attacks such as bombings or hostage taking, 61% said they haven’t planned for unconventional attacks using chemical, biological or nuclear weapons, according to the magazine.

The online survey of CSO subscribers was conducted between April 27 and May 18, 2004, and has a 4.5% margin of error.

CSO subscribers were asked their opinions on a number of issues, including terrorism, politics, IT security policy and purchasing decisions.

While planning for unconventional terrorist attacks is rare, the CSOs reported much better preparation for threats such as cyberattacks, natural disasters and violent employees.

Ninety-four percent of those surveyed said they have contingency plans in place for natural disasters and 86% for cyberattacks. Eighty percent said their companies are prepared for attacks from violent employees or former employees. Indeed, the survey showed that companies are quick to slam the door on former employees.

Seventy-four percent of those surveyed block network access to e-mail and critical documents within one business day of employees being fired or leaving a company, and 81% block physical access within one business day.

The theft of intellectual property or other proprietary information is also a top concern of CSOs, with 91% saying that managing access to critical information and documents is either “extremely important” or “very important.”

More info: http://www.computerworld.com/securitytopics/security/story/0,10801,93741,00.html

Security Expected To Take A Larger Bite Out Of IT Budgets

Posted on June 7, 2004December 30, 2021 by admini

Security spending takes up from 3 percent to 4 percent of IT budgets today, the Meta Group said in a report on calculating information-security spending.

A chief financial officer typically defines ROI as dollars spent balanced by additional revenue or accrued profit, but “security doesn’t generate revenue or improve profits in a predictable manner,” Meta analyst Chris Byrnes said.

The rate of spending is expected to be slower in Europe than in the U.S., with a 5 percent to 7 percent CAGR versus a 10 percent CAGR, Meta said.

The major reasons are the lower intensity of publicity regarding cyber-crime and compliance issues.

In the Asia-Pacific region, spending rates are expected to be similar to Europe in mature economies, such as Singapore, Japan, Australia, and South Korea.

Security spending in developing countries, such as Malaysia, Thailand, and Philippines, is only starting.

Within verticals, the more regulated industries and those that conduct a lot of electronic financial transactions over the public Internet are expected to continue spending more on security.

More info: http://www.techweb.com/wire/story/TWB20040607S0013

Immunize Your Servers Against Attack

Posted on June 7, 2004December 30, 2021 by admini

Primary Response 2.2 is software you install on Windows NT, 2000, 2003, or Solaris servers. It “immunizes” your servers against undefined intrusions, the way the human body defends itself against biological viruses it’s never seen before, according to its developer, Sana Security.

The basic security features of Primary Response 2.1, the software’s previous version, have just been certified by ICSA Labs, an independent testing firm, according to a lab spokesperson. This is the first such certification given to a new kind of program known as host-based intrusion prevention systems or HIPS, according to Dr. Steven Hofmeyr, Sana’s founder and chief scientist.

A NIPS solution is typically a hardware appliance that’s plugged in between a company’s servers and the Internet. Such devices monitor network traffic and protect the servers from inappropriate packets, such as hacker attacks. NIPS, however, cannot protect applications that are running on individual PCs or defend against the behavior of insiders, which most intrusions are.

Host-based intrusion prevention systems, such as Primary Response, install on each server that you wish to protect. Installing a HIPS solution, unfortunately, doesn’t eliminate the need for companies to also purchase NIPS and client-based security software.

But corporations can save big bucks with HIPS by installing Microsoft patches only once every calendar quarter, instead of once a month or more, Hofmeyr says.

A Primary Response 2.2 installation consists of at least one “management server,” which lists for $6,500, and one “agent” per server you wish to protect.

More info: http://itmanagement.earthweb.com/columns/executive_tech/article.php/3364491

Cybersecurity: Too important to leave in private hands?

Posted on June 7, 2004December 30, 2021 by admini

During a panel discussion about the possibility of government creating cybersecurity regulations, Press and Rich Mogull, a research director for Gartner Research, advocated government taking a more active role.

While others on the panel suggested the U.S. government could affect cybersecurity by using its huge purchasing power to influence companies, Press questioned why software vendors aren’t sued for selling products with security flaws. Without laws allowing software vendors to be sued, “you are rewarding people for selling broken products,” he added. Instead of software vendors being held responsible for cybersecurity problems, the buyers pay the bill, Press said. Instead of government regulations, software buyers should demand better products, he said. In all but the desktop market, where Microsoft dominates, competition over the past couple of years has helped improve software security, Pescatore added.

Fred Barnes, executive editor of the conservative Weekly Standard and cohost of Fox News’ Beltway Boys, asked the panel why more cybersecurity legislation hasn’t been considered in the U.S. Congress.

“There’s a fear of stifling innovation,” said Roger Cressey, president of Good Harbor Consulting LLC and former counterterrorism expert at the White House.

Fred Barnes, executive editor of the conservative Weekly Standard and cohost of Fox News’ Beltway Boys noted that some government and private cybersecurity experts have been warning of the possibility of a “digital Pearl Harbor,” a massive attack on U.S. IT assets, for several years. The threat cannot be overstated, answered Bob Dix, staff director for the technology and information policy subcommittee of the House Government Reform Committee. However, Dix said Monday he hopes the subcommittee’s efforts to raise awareness about cybersecurity will get company chief executives to take the issue seriously.

But Press suggested that the software industry should be proactive and work with Congress now to pass legislation the industry can live with.

More info: http://www.nwfusion.com/news/2004/0607cybertooi.html

Zombie PCs generate 80 per cent of spam

Posted on June 3, 2004December 30, 2021 by admini

The company found that Trojans, typically installed surreptitiously by worms or spyware, exploit vulnerabilities to bypass normal email routing and drop spam messages directly into end user machines.

Many of the most well-publicised worm attacks in recent months were launched expressly to install spam Trojans on unsuspecting end users’ machines, waiting to be used at a later date as a spam delivery relay, Sandvine warned.

The report also found that the behaviour of spam Trojans taxes ISPs’ infrastructures and, in the case of smaller ISPs, creates perceptions that some networks are generating more than their fair share of spam. “Subscribers’ in-boxes are bombarded daily and, while spam filters can provide an effective treatment, the scale and scope of the problem means that additional remedies are needed,” said Marc Morin, co-founder and chief technology officer at Sandvine, in a statement.

“As a complement to existing mail server and client-based tools, service providers need to arm themselves with network-based anti-spam defences.”

More info: http://www.vnunet.com/news/1155583

New Viruses Hit 30-Month High

Posted on June 3, 2004December 30, 2021 by admini

Five new viruses released in May made Sophos’s Top 10 for the month. Included are Sasser, Netsky-Z, Sober-G, Bagle-AA, and Lovgate-V, the company said.

Sasser led the pack in the number of infected machines reported. Sophos found a total of 959 new viruses on the Internet in May, the highest number since December 2001. The number includes new viruses that were variants of older viruses.

More info: http://www.informationweek.com/story/showArticle.jhtml?articleID=21401332