SOUTH AFRICA FIGHTING COMPUTER DATA LOSS My Broadband :: Hardware & Software : Fighting desktop attacks:

Fighting desktop attacks
By Greg Gordon, 11 December 2006

Companies generally make sure physical security of their employees and premises is up to speed. Yet many ignore IT security risks which can have dire consequences.

Billion of rands are lost to the SA economy because of computer security breaches. Whether it’s a loss of productivity because of crippling computer viruses, actual theft of company data, identity theft, extortion or fraud, South African firms are ill-equipped to deal with the problem — largely because they don’t understand it.

The Electronic Communications and Transactions (ECT) Act makes the privacy and protection of electronic data the duty of company directors. However, many are unaware of the threats and, even if they are, are unsure what to do about them.

Said Patrick Evans, regional director of Symantec Africa: “Today the threats continue to change and although attackers have moved away from large, multipurpose attacks to smaller, more focused ones, there is an increase in attempts to perpetrate criminal acts such as identitytheft, extortion and fraud. Companies around the world, including in South Africa, are under threat from the devastating scourges of computer viruses, malicious codes and online hacker attacks.

“Cybercrime is multi-faceted and occurs in a variety of scenarios and the number of criminals in the computer user population is increasing.”

Martin Walshaw, systems engineer at Cisco South Africa, said information security is a topic that demands continual attention from the corporate world, particularly since defence is trickier than attack.

“With literally thousands of tools available for free download which can be used to breach corporate networks, the threats are not only very real, but also potentially prolific,” he said.

According to Walshaw, among the most significant challenges facing companies is applying the necessary resources to the problem.

“The challenges that are faced by information security specialists are legion, beginning with information overload. That is a contributing factor towards poor attack and fault identification, prioritisation and response.

“Then there is the further pressure of compliance with corporate governance principles and audit requirement adherence.”

He said the complexity of keeping networks secure is being heightened by the introduction of the growing number of devices which connect to them — such as USB memory cards, and, increasingly, WiFi-enabled cellular phones and other handsets.

“More devices mean more potential access points into the network and from there on in to corporate data. It’s simply not possible for businesses to hire more and more people to manage and assess the spiralling number of threats that are faced — automation is the future of network defence.”

Individuals are a key target for online banking scams but, increasingly, so are threats aimed at businesses.

“What many people don’t realise is that while security breaches of individuals’ banking accounts are a visible problem, the real threat of key loggers is directed at businesses,” said Amir Lubashevsky, director of Magix Integration.

“Instead of having to steal or somehow calculate a person’s logon details, key loggers are small devices invisibly attached to thecomputer’s keyboard cable that surreptitiously copy every keystroke made on a computer , exposing passwords and personal information to criminals. The R3-billion SA companies spend on IT security each year cannot detect them.”

He said these devices can quickly and quietly be installed in a business to capture information to an internal USB device. And given that small USB devices can store a gigabyte of information or more, a key logger can remain attached to a user’s keyboard for weeks, capturing every keystroke, basically negating the company’s IT security.

Said Lubashevsky: “USB devices are proving to be serious threats to corporate security. These small gadgets can be taken in and out of offices without anyone knowing and can easily store customer databases or intellectual property. The first the company executives will know of the data theft, if they ever realise it happened, is when the information is used against it.”

He said that the business issue is whether companies have installed measures to prevent USB-related fraud or if they are waiting for a crisis to make a move.

Paul Boshoff, personal systems group country manager at HP South Africa, said mobility is a security risk that’s growing.

“Technological advances have made it easier than ever to be mobile. No longer constrained to an office, employees have the freedom to work from almost anywhere.

“While the associated productivity benefits are very real, conversely the security risks facing the mobile workforce are as real.”

He said 60% of sensitive information lost in organisations is related to lost or stolen notebook computers.

“Smartphones and PDAs are getting smaller, making them easier to steal or lose. Device theft and loss will remain a reality.

“The challenge now is how to practically safeguard your business and personal information in the mobile age.”

Cheslyn Mostert, the chairman of Lefatshe Technologies, said that 2005 and 2006 will go down as two of the worst years ever for data security breaches.

“And the threats are broad-based. For instance, anti-virus protection is only as good as its last update and hackers are constantly testing their abilities against corporate systems and the solutions being implemented. Spyware is a particularly serious problem.”

Spyware is any software program that either monitors a user’s online activities, or installs programs without a user’s consent with the intention of profit or the capture of personal information.

It is designed to be difficult to detect and even more complicated to remove.

And it is appearing on corporate networks at an alarming rate.

Said Mostert: “Just one undetected intruder can cause a variety of threats to business, including compromising the security of intellectual property; the prospect of legal repercussions due to exposed orstolen consumer and employee data; possible compliance regulations violation; increased user downtime and costly drain on IT resources; paralysed productivity at mission-critical workstations; and diminished workstation performance and network stability.”