[iwar] [fc:Computers:.Protection.sought.against.disruption.from.hackers]

From: Fred Cohen (fc@all.net)
Date: 2001-10-02 20:15:44



Computers: Protection sought against disruption from hackers 
Pian Chan and Tricia Duryee, Seattle Times, 10/2/2001
No URL available

As many in the Internet security business see it, the Sept.  11 attacks
and the subsequent Nimda virus infection were not a coincidence.  While
the perpetrators may have nothing in common, experts say the hackers
deliberately chose a week when companies were paralyzed with shock.  The
past month has left many companies feeling particularly vulnerable,
prompting interest in contingency and disaster-recovery planning.  And
besides employee safety, information is often a company's most prized
possession. 

"There are a lot more targets than planes and buildings, unfortunately,"
said Chris Christiansen, Internet-security analyst for research group
IDC.  "If terrorists are really serious, there are possibilities in the
infrastructure for even greater disruption."

The more a company makes its networks accessible through handheld
devices and laptops, the more vulnerable it may be. 

"I say we are in the infancy of network security," said Jerry
Ketterling, chief executive of ESSI, a security-consulting group in
Kirkland.  "I don't want to say ground zero.  We have learned something,
but then Nimda came around and showed us that we hadn't learned anything
at all."

Even before the attacks, research firm Gartner estimated that in the
next 10 years, the amount a company will spend on information security
will grow from 0.4 percent to 4 percent of its revenues. 

In Seattle, the number of startups, companies and technologies that
focus on security has grown in Internet time, fueled by network
expertise from Microsoft and infrastructure specialists from Boeing. 
Venture capital has funded a number of products and systems claiming to
protect critical data from attacks, worms and viruses. 

Companies have to let the employees in, so they implement access
controls such as secure identification.  Seattle companies such as
eTunnels and NetMotion Wireless build virtual private networks to safely
allow remote access to corporate networks through the encryption of
data.  Filtering software from Seattle companies such as WatchGuard and
BVRP, formerly Seattle Labs, keeps viruses out. 

To get a picture of how networks get hurt, Seattle-based Asta Networks
and Issaquah company CyberSafe develop monitoring technologies that
detect anomalies in network traffic and intrusion.  Backup solutions
from Redmond company ADIC protect companies from data loss.  And
companies can purchase trust-operating systems that are locked down to
protect the guts of a company operating system from being altered. 

There are a handful of other consulting groups, such as ESSI and
Conjungi Networks of Seattle, that will come in and evaluate a system's
vulnerability or design security systems. 

And problems can continue even after companies spend a little money and
install a couple of applications.

"Nothing is perfect.  You can achieve very high degrees of security, but
it all depends on how much you are willing to spend," said Mike Simon,
chief technology officer at Conjungi.  "None of this stuff is absolute;
if anyone is saying that you're secure, they are either lying or they
are naive.  That's the absolute truth."

The government already set some mandatory levels of security when it
passed three acts since the mid-'90s regarding health-care records,
confidential financial information and protecting the rights of children
under the age of 13.  Companies dealing with any of those three issues
are mandated by law to maintain certain levels of security. 

"I think that it's brought security awareness to the forefront for a lot
of individuals," said Mark Schulstad, who has seen increased business in
those three areas as Conjungi's director of sales and marketing. 

Schulstad also co-chairs the Security Special Interest Group, which held
its first monthly meeting in January. 

"Information technology as a whole is down, but security is one hunk
that has stayed steady, and, in our case, is growing tremendously,"
partly as a result of Sept.  11, he said.  "People will head more down
that path more as they start to understand that this is serious." In the
wake of tragedy, many security-related companies say sales are up. 

"This is a tragic set of events, and it has been a very unexpected and
positive thing for those of us that sit in the security space," said
Glenn Argenbright, chief executive at Saflink, which developed software
to link large-scale networks to biometric devices, such as retinal
scanners, facial contour or voice recognition. 

It may be a saving grace for his company, which has had a number of
financial problems recently, including getting delisted from the Nasdaq
and laying off most of its employees. 

Argenbright said the number of customers in some stage of the sales
process has grown from 200, which took the previous 12 months to
nail down, to 270 to 300 since Sept.  11. 

The question remains of how long this awareness will last. 

"Something bad happens, we say 'We better get more secure,' and then 45
days later we are back to not updating our files again," said John
Pescatore, an Internet-security research director at Connecticut-based
Gartner. 

And the biggest network security attacks, like the Code Red or Nimda
virus, are easy to prevent by downloading software updates. 

"People write very long, very big books about security," says IDC's
Christiansen.  "But the simple answer is that in most cases, the systems
aren't patched to prevent known security problems.  Most of the threats
are based on known security problems.  That's one very simple solution."

Pian Chan can be reached at 206-464-2958 or schan@seattletimes.com. 
Tricia Duryee can be reached at 206-464-3283 or
tduryee@seattletimes.com.

GRAPHIC: photo; Betty Udesen / The Seattle Times: David Wetherall is
chief technology officer at Asta Networks, which develops devices that
detect anomalies and intrusions in networks. 

