Throw your shields up

With the small business security market firmly under the spotlight, SOHO users in the Middle East need to consider what they can do to protect their own networking environments. Andrew Picken considers what dangers lurk on the internet and what preventative measures can be taken.

By  Andrew Picken Published  June 30, 2003

Introduction
General MacArthur once famously said, “there is no security on this earth, there is only opportunity.” The internet presents a plethora of opportunity for both the SOHO user and hacker alike but often only a slim line of network security divides the two contrasting sides.

In the same sense that you need to walk before you can run, many hackers will initially target SOHO networks, often considered soft targets, in order to gain experience before moving on to bigger targets. The words ‘it will never happen to me’ will send your average network security consultant into mild convulsions, but it’s an attitude that prevails, particularly in the Middle East.

“Everyone falls into the trap that they think it won’t happen to them, especially small organisations, they know that the threat exists but they just don’t think it will happen to them,” says Patrick Hayati, regional director of Network Associates in the Middle East. A worm or virus does not discriminate between the corporate and the SOHO user, a point missed by many SOHO users in the region.

Overall, the worldwide high-growth consumer/SOHO networking market was worth a whopping $3.7 billion in 2002, according to the American research house, Dell’Oro Group, which estimates this figure will double by the year 2006. Recent moves by the big players in the SOHO networking market appear to confirm this optimism, with Cisco recently acquiring the Linksys group. Another factor in the equation has been the recent clamour for going online by Middle East businesses. “The rabid adoption of e-business has a number of implications, a lot of businesses are looking to transfer to the e-world but do not consider security till after,” says Sabri Al Azazi, COO of eHosting DataFort, adding: “security should be built in from the beginning of any business.”

Network security has been propelled into the public’s consciousness over the last couple of years, primarily through the e-mail borne viruses or worms like Bugbear, Badtrans, Klez, SirCam or ILoveYou. In terms of specific network threats, there are too many to list but possibly the most infamous one is hacking.

Since the classic 80s film, War Games, hacking has become something of a catchall phrase for all network security intrusions. Hacking involves the unauthorised entry into your computer systems through illegal coding. The sophistication of hacking methods has increased over the years, with large volumes of hacking code available for download over the internet.

One of the latest ploys involves planting software that registers keystrokes, which is then used for identifying passwords or credit card details. Another recent development is the use of Netblock scanning, where hackers are scanning blocks of IP addresses, searching for any vulnerabilities.

Hacking is more of a symptom than the cause of network security intrusions and a growing number of other threats exist. One that most readers will have encountered at some stage is the e-mail borne virus or worm like Nimda. General internet attack trends are showing a 64% annual rate of growth, according to the US security firm Riptech, and the threat of viruses is something that everyone who accesses the internet must face.

What is common to all of these threats is the fact that generally hackers or virus spreaders are not too concerned who their victim is. The prime motivation behind compromising an organisation’s networks and systems is to simply prove that they can.

The consequences of network security violations for the SOHO user are often magnified because they do not have the resources for extensive backing up. The ‘Code Red’ worm, let loose in 2002, affected more than 359,000 servers in less than 14 hours and Computer Economics magazine estimated the cost to business at $2.62 billion. A significant period without e-mail or corrupted files can push SOHO users to the brink and as Stanislas de Boisset, network consultant for 3Com Middle East highlights, “there are a lot of people who are only aware of network security issues when it becomes a problem.”
Mis-configuration
As the old idiom goes, ‘garbage in-garbage out’ and a number of network security systems are set up with the best of intentions but are left less than effective through poor configuration. Al Azazi says this is a situation that DataFort encounters more frequently than not. “A lot of companies we visit may have an expensive firewall, but their architecture is all wrong,” he claims, pointing out that the notion that you can just go and download some anti-virus software and then you will be safe is still pervasive in the Middle East.

Another factor in the network security equation is the growing proliferation of broadband internet access, particularly amongst the SOHO user. “The threat still exists the same for dial up and broadband, but by being connected to the internet permanently then you increase the probability,” warns Hayati. This will have serious implications as the uptake of broadband internet access increases in the region, although current IDC figures put broadband connection at just 3% across the Gulf region in 2002.

Boisset says that another major threat to the SOHO environment is when a user removes themselves from the relative safety of the office network and works from home, an increasingly common occurrence in business today. He warns, “if SOHO users are working at home, but accessing the company network, they have little protection if they enter a bad website. They are left wide open to anything from Trojan horse attacks or spoof IP addresses.” One solution for the home to office user is an embedded firewall, a firewall that sits on each individual PC but is controlled centrally. However, the cost of this is prohibitive for the majority of SOHO users in the Middle East.

The growing use of PDAs and wireless LANs is an increasingly important consideration when drawing up battle plans to protect your SOHO environment. As the cost of PDAs continues to plummet, a lot of SOHO users would now consider their PDA to be an integral part of their office set up, particularly for those on the move. Little attention, however, has been paid to the content security of these devices and a number of viruses already exist on PDAs.

“As a region that is recording exponential growth in mobile devices and wireless networks, the Middle East will become increasingly dependent on leading virus protection systems if it wants to avoid sudden losses caused by viruses,” says Hayati. Network Associates recently became the first security software vendor to join the Open Mobile Alliance (OMA). The OMA is responsible for developing interoperable, open and common standards that work across countries, operators and mobile terminals. “This development carries significance for the Middle East, because of relatively poor awareness about viruses and a general lack of preventive measures,” insists Hayati.

Many SOHO environments opt for ‘off the shelf’ wireless LAN set-ups without giving security due consideration. Wireless security is often considered something of an oxymoron and many users are simply unaware of their security exposure, as we at Windows learned firsthand at a recent demonstration of wireless networking in Dubai Internet City. In this demonstration, a WLAN was set up in one office and, when it initially searched for a network, it managed to pick up the wireless network in the office adjacent to the demonstration. This happened because this company had not enabled its WLAN Wired Equivalent Privacy (WEP) encryption features.
Sociological dimension
The sociological dimension to protecting the SOHO is one that is often overlooked, particularly by those overly anxious to get a firewall or anti-virus software in place before they are ‘attacked’. The fact that the weakest link in your network is most probably human is a factor that needs addressing. An arguably tougher task is the fundamental shift in attitudes required to acknowledge that hardware and software network security measures are only effective when they work in conjunction with an informed user.

“A lot of people are unaware of the difference between a worm and a virus and what the implications are for their organisation,” says Al Azazi, who insists levels of ignorance towards network security are still too high. It is this lack of awareness that makes education crucial to reducing the threat of network intrusions for the SOHO user. With an educated workforce, you will be able to reduce exposure to e-mail borne viruses and cut out your users’, often perfectly innocent, unsecure network behaviour.

“I think there is a definite need for users to be educated, particularly in the SOHO environment. We adopted a special pricing structure so that SOHO users would not be put off protecting their networks,” adds Hayati. But it’s not only SOHO users that need to be educated about their network activity: how many consumers look for the Secure Sockets Layer logo when they shop online (it’s the yellow padlock symbol at the foot of your internet page)?

Social engineering is a rather Orwellian turn of phrase that, despite its rather forbidding title, is a growing threat in network security. Playing on the natural human tendency to trust, social engineering is the process of gaining unauthorised information by deceit or psychological tricks in order to expedite the hacking process.

Although social engineering was first exposed in larger organisations, Al Azazi asks what is to stop somebody phoning your office, claiming to be from your ISP and asking for your logon details. Some simple investigative work by the hacker, such as identifying when the boss is out of the office, coupled with the human willingness to accept someone at his or her word, will leave any organisation open to this new facet of hacking.

For the small business, it is not possible to completely insulate yourself from all threats but a number of preventative measures can still be taken. “To buy a firewall is an expensive exercise, and not all businesses can afford to do that, so you have to find more cost effective alternatives to give you some kind of protection,” advises the CEO of security consultants Risk Diversion, Johan Du Plooy.

While the majority of SOHO users have not been slow to adopt anti-virus software, this is often where many finish their network security consideration. The threats to your SOHO are constantly evolving and your behaviour on the internet will dictate your exposure to new network threats. “Anti-virus in itself is not a complete solution, we need the end user to understand that there is other software available, not just to protect yourself, but to protect the community as a whole. With DDOS (Distributed Denial of Service) attacks, a hacker can take control of your personal computer and use it to attack others,” warns Karim Riyaz, director of e-trust security solutions, Computer Associates Middle East.
Moving forward
A coherent security strategy is what will best protect your SOHO environment, and although that reads like marketing speak from a Cisco brochure, it’s actually solid advice. It is important to complement your security architecture with educating those using it on a daily basis, insists Al Azazi. Without a clear, and communicated, network security policy your defence will be ineffective: “it’s like I give you a Mercedes but you drive it like a Corolla,” he analogises.

We may have painted a rather morose network security landscape for you, but it is by no stretch of the imagination a helpless cause. In the adjacent box are some practical steps to securing your SOHO, but it is important to understand that any hardware or software additions to your security set-up will be redundant without properly configuring the devices to your needs and raising awareness of security amongst your users.

According to research firm Gartner, as much as a quarter of all e-mail is spam, and coupled with an increased volume of viruses and worms, the future of network security looks as turbulent as its first twenty years. Hayati adds, “in this particular area of the world there has been much made of cyber-terrorism and hacking, what we can be sure of is there are certainly more and more viruses being distributed.”

The importance of network security is beginning to register on the consciousness of hardware manufacturers, a point that Al Azazi picks up on. “The concept of security will be apparent in every single piece of technology over the next few years,” says Al Azazi, who goes on to contrast this with Asynchronous Transfer Mode (ATM) and ethernet, which were both originally developed in the late 80s without any real security considerations.

We have highlighted social engineering as a non-technical area of concern and a cross fertilisation of security measures will emerge over the next few years. Developments such as HP including a biometric entry method to its latest PDA will work in conjunction with traditional network security like hardware firewalls. Protecting your SOHO is as much about getting the right hardware and software in place as it is making sure you and your colleagues are aware of the potential threats that exist by connecting the PCs in your office to the internet.
