Throwing away the key

Wayne Hull, general manager for Cisco UAE takes a look back at the security issues that have shaped the IT landscape this year

Tags: Cisco Systems IncorporatedUnited Arab Emirates
  • E-Mail
Throwing away the key Wayne Hull, CEO Cisco UAE: "The recession has created new moneymaking opportunities for at least one group of ‘entrepreneurs'— identity thieves".
By  Julian Pletts Published  November 24, 2009

As predicted in the Cisco 2008 Annual Security Report, attacks are only going to become more sophisticated and targeted as we move through 2009 and beyond. Social engineering is, and will remain, the technique of choice for criminals devoted to mastering the arts of trust-breaking and reputation-hijacking. To launch an attack, a social engineer might seize upon the hot topic of the day, such as swine flu or a major sports championship, or pose as someone, such as a friend or something - a local bank or a well-known company - to lure unsuspecting victims into handing over their personal information and ultimately, their identity and money.

Users, in droves, are also being convinced to install software that infects their systems and then harvests their personal information-or hijacks the machine so it will spam, infect, or con other users. Worse, users seeking protection from common cybercrime ultimately become victims anyway by turning to the Internet for help: They are duped into buying bogus anti-malware software to "clean up" their infected systems.

Meanwhile, there is increasing investment, focus, and success in malware used to infiltrate a computer and make it part of a botnet. Increasingly, botmasters are working to monetise their botnets, by renting them out.

Although it's true that cybercrime is only becoming more pervasive, this year's positive news clearly illustrates the growing effectiveness of the means for fighting back. The unprecedented level of cooperation and participation by the security community and industry in response to the Conficker threat earlier this year marked an important turning point in the ongoing battle against cybercrime and fast-moving and far-reaching Internet security events. IT must work directly with management and employees to create and implement relevant, flexible, user-friendly policies that can be practiced and enforced throughout all levels of the organisation.

Cisco's security recommendations:

  • Security must move at the speed of crime.
  • Organisations and users must not wait to patch their operating systems and applications. The list of vulnerabilities grows every day, as does the number of new applications (and versions of existing applications). Meanwhile, the complexity of attacks is increasing. Thus, businesses and users have no choice but to become more agile in deploying countermeasures and working with appropriate parties to respond to attacks. In addition, security solutions need to be built to react rapidly. Anti-spam systems have become the blueprint for this model. For years now, new attacks have been developed and new techniques have been deployed to meet those threats effectively. All threats are heading in this direction and solutions must do the same.

  • User education and security awareness training are critical.
  • As was recommended in the Cisco 2008 Annual Security Report, employees should be expected to play a vital role in safeguarding their own online identity and understanding the risks that go along with their use of technology. Particularly, today's users must be educated as to how their growing reliance-and affinity for-Web 2.0 collaborative tools and applications and mobile devices that are not approved or supported by the enterprise pose significant security risks. Ongoing user education on security policies, technologies, and online threats, as well as clear guidance for meeting compliance measures, are essential.

  • Keep an eye on "old problems" while being vigilant about new risks. Unpatched or forgotten machines are those that will be infected first, giving attackers an "agent behind enemy lines" that can conduct inside-the-firewall attacks. Organisations must remember that a risk is a risk, and as criminals become more sophisticated and bold in their approaches, they will leverage an arsenal of techniques to carry out their attacks-even if the probability of any particular one being successful is low or remote.

  • Never underestimate the insider threat.
  • The global recession has caused many individuals to lose their jobs-or face the prospect that they could be in the unemployment line soon. As a result, insider threats will be of increasing concern for organizations in the months ahead. Today's organisations need to create progressive policies that encompass anti-malware, acceptable use policies, and data loss prevention, and that are designed to help ensure regulatory compliance.




Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code