Information Security News mailing list archives

Holding back hackers


From: InfoSec News <isn () C4I ORG>
Date: Tue, 21 Nov 2000 00:30:22 -0600

http://www.techserver.com/noframes/story/0,2294,500281609-500442650-502860139-0,00.html

By LARISA BRASS, Knoxville News-Sentinel of Tenn.

(November 20, 2000 10:47 a.m. EST http://www.nandotimes.com) -
Businesses are starting to realize that while the new economy requires
the Internet, it also requires protection from those who take pleasure
or profit sneaking into a company's electronic recesses.

"I think a lot of people don't understand that with this incredible
conductivity comes incredible risk," said Tom Hollenbeck, division
manager for the computer and network services division of Science
Applications International Corp. He maintains the network for the
company's Oak Ridge, Tenn., office, which is also connected to SAIC's
commercial and government clients.

The interconnection of businesses, governments and communities around
the world has made it relatively easy for anyone to hack into
computers anywhere and wreak billions of dollars in damage along the
way.

Back in 1990, the Jerusalem virus - also known as Cascade and Form -
set the standard as the most prevalent virus in history, according to
information from Knoxville, Tenn.-based Sword and Shield Enterprise
Security Inc. Jerusalem took three years to do its damage and cost $50
million.

Earlier this year, the Love Bug swept around the world in five hours
and left up to $6 billion in damage.

Now most larger businesses get a "constant" barrage of attacks from
hackers who seek to do everything from disrupting Web service to
stealing corporate secrets, Hollenbeck said.

Smaller businesses and personal users with 24-hour Internet
connections are also becoming prone to - if not a direct attack
themselves - serving as a launch pad for operations designed to attack
larger sites.

While external attacks are more publicized and "sexy," many businesses
suffer as much or more damage from internal assaults, said John
McNeely, Sword and Shield vice president and chief technology officer.

Many companies have responded to the threats by simply installing a
firewall - a hardware/software system that detects and counters
unauthorized entries into the system.

In reality, making the Internet a secure place to do business is a
little like guarding your home against thieves, said Hollenbeck. A
firewall works as "a great lock on the front door," he said. But a
determined hacker can probably find another way into the "house."

Companies need to constantly survey their systems, watching for any
weaknesses that might allow hackers through, McNeely said.

Often, said Will Henderson, president of Sword and Shield, the
Web-enabling software itself will have security holes.

"Typically, software is not designed by a security expert," he said.
"It's designed by a computer science expert. That's real important for
companies to understand that."

Once inside the system, said Hollenbeck, the hacker may then find each
hallway and room open for perusal. That's why it's important, he said,
for companies to develop a comprehensive security policy.

Such a policy should include:

* Employee access to information on a "need to know" basis.

* Each office, system and network should be protected in order to
  prevent an entrant from accessing the entire system.

* Employee education. "Companies need to present a culture of
  security," said Hollenbeck. That includes "passwords that expire."

* Awareness of "social engineering." Would-be hackers often try to
  wrest information from employees in casual phone conversations,
  posing, for example, as the friend or business partner of a worker
  who is out of town.

Home computers are also becoming more vulnerable. Increasing numbers
of households have signed up for cable modems or digital subscriber
lines that provide a constant connection to the Internet.

Lured by the promise of high-speed access, many people don't realize
that hackers have greater access to their computers when they are
plugged into the Web 24 hours a day. Most people don't stash
top-secret information in their computers, but hackers can plant bugs
in personal systems that activate and pummel other Web sites.

Consumers can buy firewall software for their home computers or even a
hardware device to detect viruses, but these products have not yet
reached mass production.

ISN is hosted by SecurityFocus.com