admini – Page 384 – CyberSecurity Institute

The Path to Safety?

Posted on March 8, 2004December 30, 2021 by admini

The recommendations—all voluntary—are to include television advertising aimed at small businesses and data collection research with the federal government, according to sources involved in the planning.

A little more than a year after the White House released its National Strategy to Secure Cyberspace, which includes a blueprint showing the private sector how to improve network security, federal policy-makers remain concerned that industry-owned networks are vulnerable to terrorist attack.

Patrick Leahy, D-Vt., said the country has been fortunate that terrorists have not infiltrated U.S. networks. “We can assume, unfortunately, that they would if they had the opportunity,” Leahy said. “It is essential that we work with the private sector to thoroughly assess our weaknesses and take steps to deal with them.” “In most cases, the recommendations will be more like road maps of what we need to do to get where we want to be,” said Gary Garcia, vice president of information security policy at the ITAA.

A primary aim of the industry-led initiative, which comprises five task forces, is to encourage buy-in from stakeholders, including infrastructure owners, users and vendors, Garcia said. To reach out to smaller businesses and individual users, the task forces are recommending public awareness campaigns, sources said.

The fear is that Congress will impose expensive new security obligations on corporations because so much of the country’s interdependent infrastructure is held in private hands. Last year, Rep. Adam Putnam, R-Fla., floated the idea of mandating security audit reporting, but Putnam is still talking with industry leaders about alternative proposals, an aide said.

While much of the task forces’ work sets only a framework for improving network security, some recommendations will provide specific direction, sources said. The plans will include detailed schedules and will recommend projects for improved education, such as including a network security course in the ordinary curricula at community colleges, Schmidt said. Before month’s end, the industry group plans to launch a Web site enumerating its recommendations and other information to better secure private networks, sources said.

http://www.eweek.com/article2/0,4149,1542841,00.asp?kc=EWRSS03119TX1K0000594

Antivirus industry slammed by DTI report

Posted on March 5, 2004December 30, 2021 by admini

Chris Potter, security analyst at PricewaterhouseCoopers, who co-wrote the survey said: “Antivirus software alone is just not enough anymore.”

This is not the first time that signature-based virus protection has been criticised. There will always be victims before there are solutions and fixes. And in the wake of ‘Warhol’ worms – those that have ’15 minutes’ of destructive fame – such reactivity is easily exposed. Potter added: “While almost every UK business has antivirus software in place, the incidence of attack is rising.

Mark Sunner, CTO of MessageLabs, said: “The most effective solution is a proactive and continuously updated managed service that stops known and unknown spam and virus threats at the internet level, before they ever reach corporate networks and end users.”

While some companies surveyed reported little or no damage resulting from an infection, some said an attack had often resulted in very costly remedial work and disruption that ran to more than one month.

http://www.silicon.com/0,39024729,39118937,00.htm

Microsoft: Windows XP SP2 Will be Disruptive

Posted on March 5, 2004December 30, 2021 by admini

The launch of a training course is an unusual move for the software giant, which has changed many Windows XP defaults to tighten security and to simplify the software update process. The service pack, now in beta, will make significant changes to deal with increased network protection, memory protection, improved e-mail security and enhanced browsing security; but these changes will lead to major disruption unless developers tweak their applications, the company explained.

In a detailed explanation, Microsoft made it clear that IT administrators and users must make specific changes to allow applications to open certain ports. “Windows Firewall includes an explicit setting in the firewall to enable the automatic opening and closing of ports for RPC for each profile.

More info: http://www.internetnews.com/ent-news/article.php/3322381

MCI guarantees against DoS attacks

Posted on March 5, 2004December 30, 2021 by admini

The SLA aims to ensure that all MCI internet customers will have immediate access to MCI’s security staff to help them address and mitigate internet attacks quickly, providing the strongest network security protection available.

“MCI’s experience operating IP networks, along with its advanced network monitoring and management capabilities, enable the company to provide the strongest security defence for our customers,” said Sara Santarelli, MCI vice-president of network security.

More info: http://www.computerweekly.com/articles/article.asp?liArticleID=128923&liFlavourID=1&sp=1

Antivirus vendors unzip encrypted email viruses

Posted on March 5, 2004December 30, 2021 by admini

Recent versions of the Bagle worm have bypassed corporate gateway security because they are distributed in password-protected Zip files, which are next to impossible for antivirus programs to scan. Emails infected with the Bagle worm, however, contain the password required for opening the Zip file.

Antivirus vendors BitDefender and Kaspersky Labs have both launched updates enabling their software to open any encrypted attachments using the password contained in the email text. Once the file is decrypted, it is treated as an executable file and scanned normally.

Eugene Kaspersky, head of antivirus research at Kaspersky Labs, said: “This new technology protects users from a new generation of worms, specifically worms that hide in password-protected Zip files. Five worms using this technique appeared within only four days – a new trend has been set in the computer underground,” he said.

Viorel Canja, head of BitDefender Labs, said in a statement: “We have developed an engine tasked with finding the Zip password in the email text.

Most AV products could only offer protection after the archive is extracted; that could be a little too late for inexperienced users,” he said. Simon Heron, director of Network Box, told ZDNet UK the product combines Kaspersky’s software with Network Box’s own technology to deal with the latest Bagle mutations at the network perimeter. According to Heron, this does mean the gateway is fractionally slower. “The worst case scenario is we will take 50 milliseconds extra to parse an email that has a password-encrypted attachment.

More info: http://www.silicon.com/software/security/0,39024655,39118922,00.htm

Business Thrives on Dangerous Roads

Posted on March 3, 2004December 30, 2021 by admini

The better approach is to take some risks, and focus on your core mission: doing business efficiently and aggressively in the competitive marketplace. One of the risks of doing business while connected to the Internet is that bad things will happen occasionally.

Your organization may be one of the unlucky few that suffers a loss of personally identifiable information such as customer names and credit card numbers. Even during the worst moments of the Blaster or Slammer attacks, the companies and government agencies with the best event management programs suffered little.

The 100th dollar you spend has less relative impact than the 1st. Therefore, it is not the size of your security budget that matters, but the effectiveness and efficiency of your security choices. It is very tempting to buy products or services because you are afraid of the next security vulnerability.

Success lies in not over-spending on security nor making the security architecture so complex and extensive that it cannot be managed efficiently.

More info: http://www.csoonline.com/analyst/report2306.html