Title: Safeguarding vital information
Information
security continues to be a serious concern for managements
all over the world. MOHAN BABU lists the various techniques
used by hackers, including use of human skills, also known
in the industry as “social engineering”, to get insiders in
an organisation to spill out vital details about the security.
The
significance of digital security continues unabated as we
move into a new year, and all the major software vendors,
including Microsoft, IBM, Oracle, et al, have promised to
attack the threat at its roots by making the software and
operating systems more impregnable. The recent spate of virus
and worm attacks has brought home the significance of information
security, both for corporate and personal users. Of course,
the viruses make a point by crippling computer systems and
communication across the globe, causing billions of dollars
in losses. For instance, the recent Blaster worm and SoBig
virus attacks, which crippled networks, are making business leaders
question the integrity of their systems, computers and e-mails,
on which the corporate world has come to rely so much.
Being
a techie at heart, with a strong affinity towards the sweet-spot
where the interests of business and technology converge, I
spent the recent few weeks talking to peers in the industry
and reading up a bit on security, the significance of securing
systems and what exactly hackers can do to systems. The more
I talked and read, the more intriguing the topic became.
And, it is not just me taking an interest in information security.
Even business magazines and management journals have started
running detailed features on virus attacks and security, a
testimony to the seriousness with which managements are looking
at this issue.
Types of threats
A
recent Harvard Business Review article, titled “The myth of
secure computing” talks about three main categories of threats
to digital security:
- Network attacks, which are waged over the Internet.
- Intrusions, where attackers actually penetrate an organisation’s internal IT systems.
- Malicious code, consisting of viruses and worms.
Network
attacks can slow network performance, degrade e-mail and other
online services, and cause millions of dollars in damages.
And all of this can be done without breaching the internal
workings of an IT system. A denial of service (DoS) attack
is a kind of network attack that disables computers by flooding
them with an overwhelming number of messages. As the computers
try to respond to each of the thousands of messages, their
resources are consumed and they often crash. Most new enterprise
security tools can thwart common network attacks, and even
if the systems are knocked out, the damage is rarely permanent.
Intrusions
differ from network attacks because the intruders actually
penetrate an organisation’s internal IT systems. Hackers use
human skills, also known in the industry as “social engineering,”
to get insiders in an organisation to spill out vital details
about the security. The description of different social engineering
tactics would take a book in itself, but needless to say,
these con-artists use a general tendency among employees to
help their colleagues. They also take recourse to common sense
after getting some basic information. For instance, after
they predict that in an organisation the user names follow
the convention of ‘jdoe’ for John Doe, the next task is to
guess the passwords.
Surprisingly,
even those are easy to guess: in most cases, people
use birthdays, children’s names, or even the word “password.”
Once inside the system, intruders masquerade as genuine users
to create havoc. They alter software, and sometimes create
“backdoors” that can later be used by other hackers. Since
the crime here is being committed from inside, it is harder
to detect, and even when system administrators realise that
a system has been hacked, they find it harder to detect the
changes made by the intruders.
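As an added example (not part of the original article), here is a check that a sign-up or password-change form could run to reject the choices described above: the word “password”, variations on a ‘jdoe’-style user name, family names and birthdays. The function names, the short deny list and the sample inputs are constructed for illustration.

```python
import re
from datetime import datetime

# Constructed deny list for illustration; a real deployment would load a far larger one.
COMMON = {"password", "letmein", "qwerty", "welcome", "123456"}
# Common character swaps ("p@ssw0rd" for "password") mapped back to letters.
LEET = str.maketrans("@4310$5!7", "aaeiossit")
DATE_FORMATS = ("%d%m%Y", "%m%d%Y", "%Y%m%d", "%d%m%y", "%m%d%y", "%y%m%d")


def normalise(pw):
    """Lower-case, drop trailing digits and symbols, then undo character swaps."""
    stripped = re.sub(r"[\d\W_]+$", "", pw.lower())
    return stripped.translate(LEET)


def looks_like_date(pw):
    """True when the password is only a 6 or 8 digit date, with or without separators."""
    digits = re.sub(r"[\s./-]", "", pw)
    if not (digits.isdigit() and len(digits) in (6, 8)):
        return False
    for fmt in DATE_FORMATS:
        try:
            datetime.strptime(digits, fmt)
            return True
        except ValueError:
            continue
    return False


def weak_password_reasons(password, username, personal_terms=()):
    """Return why a candidate password is guessable; an empty list means no match."""
    reasons = []
    raw, base = password.lower(), normalise(password)
    if raw in COMMON or base in COMMON:
        reasons.append("common password")
    # Terms an outsider can learn: the user name plus names on record (hypothetical input).
    terms = {username.lower(), *(t.lower() for t in personal_terms)}
    if any(len(t) >= 3 and (t in raw or t in base) for t in terms):
        reasons.append("contains account or personal name")
    if looks_like_date(password):
        reasons.append("date-shaped")
    return reasons
```

The check belongs where the password is set, and the names passed in as personal_terms would come from whatever the organisation already holds about the account owner.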
Malicious
code consists of viruses and worms which can wreak havoc faster
than human hackers. Viruses need help replicating and propagating,
whereas worms do it automatically. Because they are propagating
themselves through the systems and networks, their targets
can be random, making it impossible to predict where they’ll
hit next.
Software
companies regularly play ‘cops and robbers’ with hackers.
The cops include tools like the virus guards in their arsenals
and are employed by security software companies and information
security departments of organisations. Giving his views on
security, Stephen H Wildstrom, a noted columnist, in a recent
Business Week column says, “There are two things that every
computer owner should do right away. First, run antivirus
software on every computer, and make sure it is set up to
receive automatic updates. If the short-term subscription
that comes with your new computer has expired, renew it. Second,
everyone running Windows 2000 or XP should be running critical
software fixes from Microsoft’s Windows update service.”
While
this advice may sound like a lot of common sense, computer
owners, even large organisations, fail to regularly update
their computer system security, leaving them vulnerable. Case
in point: a whole month before the infamous Blaster worm hit
the cyberworld, Microsoft had posted a patch. Systems which
were running the patch were unaffected, but a lot of systems
which hadn’t bothered to update were hit by the worm. For
more details on virus protection software, visit the Internet
portals of McAfee (www.mcafee.com) and Norton (http://www.symantec.com/).