Return-Path: <sentto-279987-2839-1002729486-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Wed, 10 Oct 2001 08:59:06 -0700 (PDT) Received: (qmail 16736 invoked by uid 510); 10 Oct 2001 15:57:59 -0000 Received: from n32.groups.yahoo.com (216.115.96.82) by 204.181.12.215 with SMTP; 10 Oct 2001 15:57:59 -0000 X-eGroups-Return: sentto-279987-2839-1002729486-fc=all.net@returns.onelist.com Received: from [10.1.1.222] by n32.groups.yahoo.com with NNFMP; 10 Oct 2001 15:58:06 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_4_1); 10 Oct 2001 15:58:06 -0000 Received: (qmail 2485 invoked from network); 10 Oct 2001 15:58:06 -0000 Received: from unknown (10.1.10.27) by 10.1.1.222 with QMQP; 10 Oct 2001 15:58:06 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta2 with SMTP; 10 Oct 2001 15:58:06 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id IAA04550 for iwar@onelist.com; Wed, 10 Oct 2001 08:58:06 -0700 Message-Id: <200110101558.IAA04550@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 10 Oct 2001 08:58:06 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Survey:.Hackers.Thrive.on.Sloppy.Employees] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Survey: Hackers Thrive on Sloppy Employees By Alexander Boreiko, Moscow Times, 10/10/2001 <a href="http://www.themoscowtimes.com/stories/2001/10/10/049.html">http://www.themoscowtimes.com/stories/2001/10/10/049.html> Russian corporate computer networks are hacked into twice as often as in Western Europe, while e-crime thrives on careless computer users, according to Ernst & Young research. Sixty-five percent of those surveyed by Ernst & Young encountered problems with computer security sometime in the past year. Companies most often suffered from computer viruses, network crashes and unauthorized access from inside the company. Thirty-nine percent of respondents reported that hackers broke into their system -- twice the level in Western Europe. However, only 26 percent experienced vital systems failure, compared with 70 percent in Western Europe. Hackers frequently took advantage of glitches in security -- for example, misconfigurations in network monitors -- and the carelessness of users, who often leave default and guest passwords unchanged, according to the survey. Half of the companies in the survey experienced virus attacks -- frequently caused by workers opening files from questionable sources. Hackers usually break into systems to steal commercial information or tamper with finances; but Russian companies reported that these types of attacks accounted for only 3 percent and 6 percent of all break-ins, respectively. Experts from Ernst & Young say the problem is bigger than it seems, and say the relatively low percentage figures are a result of hackers cleaning up their tracks. In Moscow alone, e-crime accounts for $12 million to $15 million in losses yearly, according to law enforcement authorities. If a hacker doesn't break into a system, he or she can still cause considerable damage by launching a denial-of-service attack, said Michelle Moore, head of the information technologies and risk department at Ernst & Young's Russia office. A DoS attack overloads the network system by sending false queries, cutting access to real users. "Hackers launch DoS attacks so the day wouldn't be wasted," said Moore. "It is comparable to a burglar who cuts the telephone and electric wires of a house he isn't able to get into, out of spite." In the United States, 70 percent of companies polled by the FBI said they experienced unauthorized access to their computer systems sometime last year. Fifty-nine percent of the attacks came over the Internet, while 38 percent where launched from within a corporate network. Seventy-four percent of respondents reported financial losses attributed to hacking, while 42 percent even evaluated the losses. Losses totaled some $265.6 million. Most companies have anti-virus programs and network monitors as safety precautions. However, they focus on technical safety measures, rather than organizational ones. Russian companies toy with technical devices without determining what risks their systems face, in order to identify what safety measures the system requires. This leads to a lack or overabundance of software, analysts say. Because the Internet has made national borders invisible, companies in different countries are encountering the same threats to their information's safety. But Russia's legislation and technology is underdeveloped and not prepared to fight computer crime, Moore says, and no local companies have a formal system for tracking down breaches into operating systems. "A very big fraction of breaches happen because employees are not careful with information and it falls into the wrong hands, or they run applications that are not familiar to them," said Svetlana Trofimova, manager at the Kaspersky Lab, Russia's leading anti-virus software developer. Uneducated employees present the biggest risk, she said. The E&Y survey showed that 32 percent of respondents had not tested their security systems' effectiveness. One way companies can test their security is with planned hacker attacks. However, most Russian companies have not used this method and have no clear idea of how secure their information is. Ernst & Young specialists test systems by simulating a hacker attack on their clients, finding soft spots in the system. Almost always, companies hire outside help to test their security system only after a breach. Furthermore, only 38 percent of Russian companies have installed breach detectors into their systems. "One of the main problems is a lack of financing geared toward data security," said Trofimova. "Today, close to 90 percent of companies need security systems. A significant number are government institutions that lack funds and can not defend themselves adequately." To effectively protect a company from hackers, an analysis of the company's business processes and the risks associated with them must be made, said Alexander Galitsky, head of the TrustWorks computer security company. With that information, a security policy can be developed, technical infrastructure created and technology geared toward fulfilling the policy. "As far as I know, this is not practiced in Russia because, traditionally, Russian companies don't pay for consulting," he said. "Many consider a network monitor, door security and disconnecting the internal network from the Internet sufficiently safe." ------------------------ Yahoo! Groups Sponsor ---------------------~--> Get your FREE VeriSign guide to security solutions for your web site: encrypting transactions, securing intranets, and more! http://us.click.yahoo.com/UnN2wB/m5_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:54 PST