Feeds

What are the security threats?

Sophisticated Malware or just People?

  • alert
  • submit to reddit

Secure remote control for conventional and virtual desktops

"Security", as the first article in this series points out, can always be found near the top of the list of concerns of every IT manager and IT director. Unfortunately the same subject can also manage to not quite make it onto the more important list of things to do something about now.

Over the years, a diverse array of solutions has come to market, each of which claims to enhance different aspects of an organisation's IT security. Many can, indeed, enhance the capabilities in one or more areas. But security technology is only effective when deployed appropriately and, more importantly, when used correctly – by everyone in the business. And of course, security is not a one-shot operation – it cannot be assumed that the measures put in place a couple of years ago will still be appropriate today.

So this brings us to the question of what are the threats and weaknesses that must be guarded against and resolved? Several areas must be assessed. These include a direct appraisal of existing technological threats- perhaps the area most normally associated with IT security deliberations - as well as looking at how people use IT systems and the processes associated with routine business operations.

To build a reasonable picture of the threats we first need to acknowledge that the majority of corporate security breaches come about because internal staff do something that they should not or, just as likely, do not do something they should. All the same, external challenges are becoming more sophisticated as the months go by – and even ‘good’ security behaviour may not be enough to protect against all threats.

So what are the most important threats and security weaknesses that challenge business IT today? Last year, we surveyed The Register Tech Panel to find out what what they thought. Here is one finding:

The figure above shows that even for the better-understood security challenges such as virus infections, spam, external hackers and other outside threats and annoyances, there is still a sizable community (nearly one of three) that do not consider themselves to be well protected. Issues such as anti-viral protection and systems that can scan files before they are read or executed are now a common feature of most business systems. But, as in all areas of IT, the authors of malicious code are always moving forward.

New infection vectors are being exploited, with “drive by” infections gaining particular notoriety. Here, when a user access a compromised web site, often sites of respectable entities, the web browser itself is used to insert malicious code, key loggers or Trojans onto the user’s machine. In some parts of the world this route of infection has reached similar levels as the more traditional infected email attachment. Another vector, namely infection via the use of compromised USB sticks, has become prevalent in parts Asia-Pacific.

The motives of those creating the new threats have changed dramatically over the past few years. No longer are malware authors releasing their creations just to garner notoriety or to inconvenience people. Today’s malware is more usually created with financial goals in mind as the authors, individually or in groups, try to get hold of data that can be transformed into monetary rewards. Password stealers, credit card and account number / PIN seekers are now routine targets of malware infection, with the authors of the infection either using the information themselves or selling it on for others to exploit. Identity theft should now be a major consideration for all IT systems users, at work and at home.

By the People

The figure above highlights other areas of concern for those charged with securing IT systems, and these fall very firmly into the ‘people’ space. Broadly speaking, these can be classified under the headings of ‘data leakage’ and deliberate misuse. As can be seen, a half of organisations consider themselves to be well protected against third parties breaching security from inside the firewall. Of more concern, less than a third of respondents considered their organisations to be well protected against their own staff deliberately breaching security.

These results support the often unvoiced concern that the most serious security challenges are to be found inside the enterprise, rather than outside. Data leakage, or staff inadvertently breaching security, say by losing their PC or smart phone full of encrypted data, or giving someone a USB stick loaded with sensitive data, can result in considerable financial loss and brand damage. But our survey shows that just over 40 per cent of organisations think they are reasonably well protected against this myriad of threats.

These are all real threats and the current dark economic climate, along with the increasing proportion of the world’s population getting online, is likely to exacerbate the dangers. Coupled with trends such as the rise of home working and managers looking to access corporate systems, wherever they may be, will make securing the enterprise even more demanding. An additional challenge comes from the use of new business services and technologies such as SaaS and virtualization. The need for those responsible for security to know just what equipment and users they must protect, what they do and how they work has never been clearer.

To deliver effective, secure IT services one must understand what IT assets are deployed in the company, for what they are being used and by whom.

In many organisations the quality of this knowledge is usually neither sufficient nor up to date, and in future articles we shall discussthe role of assessing existing infrastructure and developing appropriate policy. Without such an understanding, it is impossible to evaluate the nature of any potential threat, to recognise when usage patterns diverge from the expected and hence be in a position to implement appropriate security measures across the IT portfolio and indeed the organisation as a whole. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.