kdr ebusiness

This is a very complex subject, but Malware is software you didn’t want, that you didn’t choose to install, and that won’t be easy to remove.

Why does Malware exist? Because there is money to be made. Identity theft, corporate espionage, Spam campaigns, denial of service attacks and many other methods of extortion are all now possible due to Malware. And Malware is becoming more sophisticated, with better techniques of hiding itself from detection.

Most software now routinely ‘calls back’ to its manufacturer to check for things like updates and upgrades. Whilst this is good for keeping legitimate software up to date, Malware also uses very similar methods for keeping itself installed and operational on your computer.

How does Malware get installed on your computer? By exploiting security weaknesses in the legitimate software on your PC, or by exploiting the greatest security weakness of all - you. Even people who are aware of the problems of Malware can be caught off-guard and tricked into clicking on something they shouldn’t have. And that is sometimes all it takes. I recently had to remove Malware from a computer that was completely up-to-date, with the latest Anti-Virus and Anti-Spyware products installed and operational.

In a business environment it is important to maintain a high level of security with the ability to restrict the installation of software. With a great many vulnerabilities coming from the internet, a good content filtering appliance is vital, along with a properly configured firewall.
But by far the best investment you can make is to develop awareness and a security mentality amongst your staff. Some refer to this as the human firewall.

Bookmark to:
         

Here is a link to a short but excellent article that discusses whether we have any right to expect privacy on-line. This is recommended reading for anyone concerned about their on-line rights.

Bookmark to:
         

Wireless Networking was designed without a great deal of thought on how it could be secured. The first available security method was known as WEP, or Wired Equivalent Privacy. Unfortunately due to errors in it’s implementation it soon fell to attacks from determined hackers. As a result it is now considered worthless for any serious security use.

Soon after WEP was hacked, a better security system came along. WPA, or WiFi Protected Access, was a great improvement over the original and it quickly became the choice of anyone who was serious about the security of their Wireless Network.

Unfortunately there is now news that WPA has been partially cracked. This will inevitably now lead to further work by hackers to break this system, and ultimately it may become as worthless as WEP. At this point in time no-one knows how long this will take, but you should consider this issue when choosing a Wireless Network in future.

One final point to consider is this, if you do not know what type of security your company is using on your wireless network, you may be in breach of the Data Protection Act. The seventh principal of which states:

“The seventh principle (measures against misuse and loss of data)
17. Having regard to the state of technological development and the cost of
implementing any measures, the measures must ensure a level of security appropriate to —
(a) the harm that might result from such unauthorised or unlawful processing or
accidental loss, destruction or damage as are mentioned in the seventh
principle, and
(b) the nature of the data to be protected.”

The key term here is “ensure a level of security appropriate”. If you must use a Wireless Network, then you should use WPA2 because this is the best currently available. Using anything less means that you are not protecting the data on your network. Given the latest news about WPA, you should also keep an eye out for it’s replacement!

Bookmark to:
         

If your PC has become very slow you may have unwittingly allowed a Browser Hijack to take control of your internet connection. Browser Hijacking is a common type of on-line attack in which hackers attempt to take control of your internet browser to change how and what it displays when you’re using the internet.

the following are indicators of a Browser Hijack:

• The home page changes on your PC.
• Links are added to websites that you would usually avoid
• you cannot navigate to some websites, particularly microsoft update, or security software sites.
• Ad popups appear on your screen with annoying regularity
• Links or popups to gaming, pornography or other unsavoury sites appear.

Preventing Hijacks

Hijacks are relatively easy to defend against and providing you take reasonable precautions your PC should remain free from problems. We would advise the following approach.

• keep your PC up to date with the latest operating system patches
• Use a good anti-virus product, such as AVG
• Load Anti Spyware software, like Lavasoft’s Ad-Aware or Microsoft’s freely available Defender
• Don’t download or allow unknown ActiveX components to be loaded onto your PC.
• Look out for Social Engineering tactics.
• Don’t download or install any software that is not approved.

any website that asks you to install a program should be treated with appropriate levels of suspicion. If in doubt, use Google to pull up some background about the website or product. Also be aware that many popular programs such as screensavers, smileys, registry checkers and PC tuneup applications have been used as methods for Browser Hijacks

If you suspect your PC is infected you should seek professional advice. Unless you are very familiar with the workings of your PC’s operating system and with the methods used by Spyware and Malware programmers, it is unlikely that you will be able to solve the problem yourself.

Bookmark to:
         

Because security should run through your IT like the lettering on a stick of blackpool rock, a security audit may reveal plenty of areas for improvement in your IT infrastructure. There are several frameworks you can choose to perform your IT audit. One of the most popular is the ISO 27002 standard (previously known as ISO 17799). This is a code of practice that covers the following areas:

• Structure
• Risk Assessment and Treatment
• Security Policy
• Organization of Information Security
• Asset Management
• Human Resources Security
• Physical Security
• Communications and Operations Management
• Access Control
• Information Systems Acquisition, Development, Maintenance
• Information Security Incident management
• Business Continuity
• Compliance

By assessing each of these areas in turn and by measuring your own arrangements against the code of practice, deficiencies in your IT infrastructure are revealed. Fixing those deficiencies will result in a more efficient, stable IT platform for your business.

If you would like to arrange an audit of your own IT infrastructure, please get in touch.

Tags: IT, audit, ISO 27002, ISO 17799

Bookmark to:
         

I came across this essay from renowned security guru Bruce Schneier entitled The Psychology of Security. There are some excellent insights into why we often make the wrong decisions when assessing risks and into the huge differences that exist between the reality and the feeling of security. For those of you who are involved in risk management, health and safety or security management I recommend that you take a look. Warning: Set aside some time, this is not a five minute read, the article is 13,500 words long.

Tags: Bruce Schneier, risk management, health and safety, security management

Bookmark to:
         

A recent article in the New York Times demonstrated just how insecure it can be to use a WiFi ‘hotspot’ - just like the ones you might find in Ronaldsway Airport or Strand Streets’ Java Coffee lounge.

First the bad news:

…Jon sat a few feet
away with his PowerBook; I fired up my Fujitsu laptop and began doing
some e-mail and Web surfing.

That’s all it took. He turned his laptop around to reveal all of this:

* Every copy of every e-mail message I sent *and* received.

* A list of the Web sites I visited.

* Even, incredibly, the graphics that had appeared on the Web sites I had visited…

Jon used a program called a “packet sniffer” to capture the data being broadcast by the laptop - these programs are widely available and can be very sophisticated.

The good news is that by taking some basic precautions, you can use WiFi hotspots in a reasonably secure manner and the full article lists these in some detail.

Bookmark to:
         

I’ve been wanting to write up my own definition of this for ages, but then I found this from Security Guru, Bruce Schneier. There’s no way I can say it better. Below is an extract, but I recommend that you read the whole thing.

A hacker is someone who thinks outside the box. It’s someone who discards conventional wisdom, and does something else instead. It’s someone who looks at the edge and wonders what’s beyond. It’s someone who sees a set of rules and wonders what happens if you don’t follow them. A hacker is someone who experiments with the limitations of systems for intellectual curiosity.

Bookmark to:
         

Today’s announcement of a serious vulnerability in Microsoft Word get’s my attention.

Most email systems now routinely block unsafe attachments, but when it comes to Word Documents, these are let straight through. They have become a vital part of doing business.

If you want to protect your company from this threat then you need to ensure that your systems are up to date (patched) and that you have the latest anti-virus signatures installed. You should have a patching policy to cover this.

but

the best defence you have against this and future threats is a well trained and security aware workforce. I’ve written about this before - invest in your staff to improve security.

Tags: vulnerability, Microsoft Word, attachments, security

Bookmark to:
         

It is a fact that big companies have big reputations to protect and big budgets to spend doing it. It is also a fact that not all companies have the luxury of a full team of IT staff to ensure that their systems are properly secured.

Good security is set out in layers, designed to match each risk with the approriate measure. A typical systems security setup will consist of the following layers:

• People - Security Aware
• Policies - Set out rules and guidelines for the safe use of systems
• Firewalls - Similar to a nightclub bouncer, the firewall maintains a list of who gets in (and out!)
• Network Security - Controls who can connect and protects the data on the network
• Access Controls - Controls who can access files, audits changes
• PC Security - Up to date AntiVirus, AntiSpyware and Operating System patching provide protection for the data on your PC
• Backup - Allows for the recovery of critical data in the event of failure

The Isle of Man Government has been active in promoting good security practices and has commissioned courses and awareness campaigns. But not all business owners have the time or the technical knowledge to perform a security assessment of their own. KDR EBusiness have recognised this and offer a fixed price service designed to bring the benefits of good systems security to IOM based businesses.

To arrange your fixed price security assessment, call KDR EBusiness today

Tags: security, risk, systems security, Isle of Man, security assessment, KDR, EBusiness, IOM

Bookmark to: