Banks brace for cashpoint attack

Posted on by admini

This fall the Global ATM Security Alliance (GASA) published what it says are the first international cyber security guidelines specifically tailored to cash machines. Experts see new dangers as legacy ATMs running OS/2 give way to modern terminals built on Microsoft Windows.

“The recommendations presented in this manual are essentially designed to provide a common sense approach to the rapidly changing threat model that the introduction to the ATM channel of the Windows XP and other common use operating systems, as well as the TCP/IP network protocol suite, has created,” said the manual’s author, Ian Simpson, in a statement.

The move comes one year after the Nachi worm compromised Windows-based automated teller machines at two financial institutions, in the only acknowledged case of malicious code penetrating ATMs. The cash machines, made by Diebold, were built on Windows XP Embedded, which suffered from the RPC DCOM security hole Nachi exploited. In response to the incident, Diebold began shipping new Windows-based ATMs preinstalled with host-based firewall software, and offered to add the program for existing customers.

Though ATMs typically sit on private networks or VPNs, supposedly-isolated networks often have undocumented connections to the Internet, or can fall to a piece of malicious code inadvertently carried beyond the firewall on a laptop computer.

Last year’s Slammer worm indirectly shut down some 13,000 Bank of America ATMs by infecting database servers on the same network, and spewing so much traffic that the cash machines couldn’t processes customer transactions.

The goal of the ATM cyber security best practices document, which has not been made public, and a related white paper developed by GASA, is “to be proactive in fighting what might be the next wave of ATM crime – namely cyber attacks,” said Mike Lee, founding coordinator of the group, in a statement.

GASA’s members include fraud prevention agencies, financial industry associations, the US Secret Service, Visa and MasterCard, and some ATM networks and manufacturers, including Diebold and NCR.

http://www.newsisfree.com/iclick/i,60511486,1393,f/

Read more

Microsoft to back customers in infringement cases

Posted on by admini

The company said the protection extends to current and older versions of its software, including its Windows operating system, Office desktop software and SQL Server database. The company already offers unlimited protection to its volume license customers but is adding the indemnity for customers who buy its key products in other ways, such as from a computer maker or even off a retail shelf. “When we looked at things, there was no reason not to provide that coverage to all those folks as well,” said David Kaefer, director of intellectual-property licensing for Microsoft.

The protection covers four main types of claims: patent, copyright, trade secret and trademark. The protection extends to nearly all of Microsoft’s products, with the main exception being embedded versions of Windows, largely because customers are able to modify the code.

Of course, it’s not just altruism that motivates the software maker. The company plans to make indemnity a new plank in its “Get the Facts” campaign, which touts the advantages of Windows over Linux. Chief Executive Steve Ballmer talked about indemnity as a key differentiator during Tuesday’s shareholder meeting. “We enhance the intellectual-property indemnifications we give our customers,” Ballmer said at the meeting. “We can stand behind our products in a way that open source can’t because they have no one standing behind them.”

Kaefer said the argument is resonating with some customers who are concerned about liability. “More and more customers are realizing you don’t get what you don’t pay for,” he said.

Hewlett-Packard and Novell have offered liability protection to some Linux customers, but both Microsoft and analysts note that most of the protections from the Linux vendors are more limited.

Last year, Microsoft lifted a cap for its volume-licensing customers that had limited the dollar amount of protection Microsoft offered its customers against intellectual-property claims resulting from their use of Microsoft software.

Microsoft has been beefing up its own intellectual-property portfolio, a move that Kaefer said does make it easier for Microsoft to offer such protections. “The reason we are able to do this at all is because we have done some of the things that you have to do earlier in the process,” he said.

As part of the announcement, Microsoft highlighted two customers–Regal entertainment and ADC Telecommunications–that said that indemnity was key to their choice of Windows over Linux. “We simply aren’t interested in having to worry about potential legal risks of deploying Linux in this environment,” ADC Telecommunications manager Jamey Anderson said in a statement.

http://news.com.com/Microsoft+to+back+customers+in+infringement+cases/2100-1014_3-5445868.html?part=rss&tag=5445868&subj=news.1014.5

Read more

Boom times ahead for IT security profession

Posted on by admini

Approximately 680,000 of this expanded workforce will work in Europe.

IDC analysed responses from 5,371 full-time information security professionals in 80 countries worldwide, with nearly half employed by organisations with $1bn or more in annual revenue. The web-based study is described as the first major study of the global information security profession ever undertaken.

On average survey respondents had 13 years work experience in IT and seven years specialised security experience. This wealth of skill is often well rewarded.

Around 10 per cent of the survey participants in both the US earned more than $125,000 per annum; 22 per cent of US residents who took part in the survey earned between $100,000-$120,000 a year (Europe 16 per cent).

At the other end of the scale, five per cent of security pros in the states and nine per cent in Europe earn less than $50,000.

In Asia, 60 per cent of security professionals earn less than $50,000.

Managers hiring security professionals (93 per cent) said certification was important in choosing potential recruits; but commercial awareness is also becoming increasingly important.

“The study shows a shift in the information security profession, indicating that business acumen is now often required along with technology proficiency,” said Allan Carey, the IDC analyst who led the study. “This widening responsibility means information security professionals not only have to receive a constant refresh of the best security knowledge but also must acquire a solid understanding of business processes and risk management to be successful in their roles.”

“With competing demands on industry and government to expand access to services and information, the highly trained and experienced information security professional must now be an active participant to fulfil stringent regulatory requirements and provide proactive solutions to circumvent emerging risks,” he added.

http://www.theregister.co.uk/2004/11/09/isc2_security_job_survey/

Read more

Small Vendors Issue Security Challenge To Large Competitors

Posted on by admini

Their stated goal is to promote more consistent metrics for customers to evaluate products.

The situation, as these upstarts describe it, is a growing market for Web application security–which the Yankee Group tags at $2 billion over the next five years–and suspect claims from vendors about the capabilities of their products.

In a prepared statement, the foursome suggests that some vendors are selling security short. “We are united regarding the minimum criteria that any security product must meet to provide acceptable protection for mission-critical Web applications,” the companies state.

“It’s pretty remarkable that these companies have come together,” says James Slaby, an analyst with the Yankee Group.

http://www.informationweek.com/showArticle.jhtml;jsessionid=J3XAEQLVWKL4KQSNDBNCKHSCJUMEKJVN?articleID=52600320

Read more

CA gives anti-spyware a consumer face

Posted on by admini

While the business-oriented products stand as updates from the anti-spyware applications marketed by PestPatrol before the CA buyout, the consumer package marks the first time the technology has been tailored specifically for home users by either company.

Sam Curry, vice president of eTrust security management at CA, said the company has identified more than 1,200 new strains of spyware over the last eight months–a sign of the growing threat of the nefarious software.

Spyware applications are typically installed without a user’s permission via Web browser exploits or e-mail programs, with the intent of surreptitiously tracking computer usage, stealing personal information or sending spam.

Among the primary changes CA said it made to the PestPatrol technology for business customers are improved reporting capabilities, faster spyware scanning tools and expanded customer support. The corporate version also provides security administration controls to manage protection for large numbers of desktops. In addition, executives said that CA has reworked the products’ licensing terms for companies.

The PestPatrol interface has been redesigned in the consumer package to make it easier to use by people who are not IT professionals, CA said. For instance, the Anti-Spyware r5 software, which will retail for $39, enables people to set up automated scanning schedules and receive reports on what has been fixed. That contrasts with a process where they would have to manually fix and test systems using a readout of what the software had found.

Curry said that consumers are finding that Spybot and other anti-spyware applications available for free download over the Internet can no longer tackle all varieties of spyware. He believes that customers will be willing to pay for tools that do a better job. “The most important thing for people to realize about spyware is that it doesn’t function like a virus, where you can find it and clean it off your computer fairly easily,” Curry said. “When you look at spyware, there could be hundreds more points of infection. It may not be as life or death to your computer as a virus, but there are certainly big implications about how personal a spyware attack can be.”

While many companies have identified spyware as a major concern, research shows that few are using technology specifically designed to combat the problem. In a nationwide survey of IT managers and executives released by Equation Research, 70 percent expressed growing concern over the issue, but fewer than 10 percent said they have installed anti-spyware software.

http://news.com.com/CA+gives+anti-spyware+a+consumer+face/2100-1029_3-5443428.html?part=rss&tag=5443428&subj=news.1029.5

Read more

Check Point Adds Intrusion-Prevention Services

Posted on by admini

Fred Felman, vice president of marketing at Check Point, said the new intrusion-prevention services will empower solution providers to guarantee customers up-to-the-minute protection against viruses and other network threats.

Calling upon the SmartDefense service and Zone Labs Security Advisories, Check Point will upgrade the service automatically, so its list of vulnerabilities is always up-to-date, he said. The new capabilities are part of the Redwood City, Calif.-based vendor’s Total Access Protection initiative to extend cooperation between its Integrity end-point security solution and other offerings in the Check Point product portfolio, such as the integrated firewall, VPN-1 Pro; the internal security gateway, InterSpect; and Connectra, the company’s Web security gateway.

The strategy is intended to help enterprises defend their network-connected PCs with unified remote access, end-point security, policy enforcement and hosted intrusion prevention. Eric Eder, president of Intelligent Connections, a security solution provider in Detroit, said his customers have needed more automation for handling incidents. “The ability to have centralized management control and have it be consistent across a variety of areas is really something [customers] like.”

http://www.securitypipeline.com/news/52200275;jsessionid=53OLQAFAE5TAQQSNDBCCKH0CJUMEKJVN

Read more