Each week vnunet.com asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats.
This week Paul Lawrence, vice president and general manager, EMEA, at Top Layer, warns of the dangers in ignoring recent advances in security products and technologies.
There have been many cases reported in both trade and national press recently about the increasing threat of cyber-attacks and the methodology employed to exploit vulnerabilities in security implementations.
For example, during the last six months of 2004 e-commerce sites saw a 400 per cent increase in attacks compared to the same period in 2003.
Despite this increased emphasis on the reality of the threat, many organisations are ignoring the advances in security products and technologies that can significantly increase their resistance to these attacks.
In today's organisations, network systems are no longer completing simple business functions such as email and filing, but running a variety of mission-critical systems such as financial transactions, intranet and extranet applications, vertically integrated supply chain systems and even distributed work flow or resource management which essentially run the company.
Organisations are increasingly dependent on their networks and have invested considerably to achieve total reliability, capability and functionality.
These significant upgrades have led to what are arguably high performance 'Ferrari'-class networks, yet many owners often do not realise what they are driving now and have not upgraded their basic third-party fire and theft insurance from the 'Mini'-class networks of old.
Like insurance, full appreciation of the level of protection often only becomes apparent following a catastrophic event. Third-party and comprehensive motor insurance policies can appear to be identical products until such time as an accident occurs.
At that instant, the full magnitude of the difference between the two becomes only too apparent. Likewise with security, full comprehension of the genuine weaknesses in a security implementation may only become obvious following an attack.
Firewalls and intrusion detection systems have traditionally been used, together with access control lists on routers, to create a security environment that reduces the risk and vulnerability to attack. However, while each component has positive advantages in its contribution to the overall security umbrella, each also has distinct weaknesses.
Firewalls provide a good basic level of security, and the enhancements and improvements in recent years have taken functionality and performance well beyond that of early devices.
But simply loading more features onto a base product originally designed to perform relatively simple tasks is an inefficient and ineffective way to solve the problem.
A Capri with a body kit, tuned engine and up-rated performance is still a Capri and, while it may perform well against a comparable vehicle, it will still be no match for a Ferrari, a car specifically designed for a purpose.
Many organisations now deploy a multi-tiered firewall architecture to further increase their resistance to attack. But the inherent weaknesses in the fundamental technology cannot be overcome simply by adding multiple layers.
Using a combination of different technologies, each with its own specific contribution to the overall effectiveness of the security architecture, is increasingly the solution of choice for experienced security professionals.
Network intrusion detection technology is still a useful component in any good network security architecture, whether this functionality is provided by dedicated devices or derived from the output data of other products.
Recently, however, attack profiles have changed from random, high-volume attacks with little direct focus, to specific targeted attacks on organisations and individuals. These attacks demonstrate knowledge and understanding of existing technology and security practices, and specifically target known weaknesses. They are simple brute-force attacks.
Security is a journey and not a destination, and continual investment in new and innovative products and technologies has become a necessity and not a luxury. Analysing the business risks of security breaches, and making appropriate investments to protect the critical assets on which a business operates, is a critical part of any security plan.
Having comprehensive insurance may not stop the accident from happening, but when it does occur the security of knowing that you have the best protection available makes the experience significantly more tolerable.
If you've invested in a Ferrari, don't wait for the accident to happen before you check your policy, otherwise it could leave you with a costly wreck.
