The facts are astounding: Over 80% of enterprises have reported downtime due to a network security incident; over 50% of all network security break-ins occur from manual device configuration; and some companies can face up to $1M per day in fines if their network infrastructures do not comply with compliance legislation.
Security experts at AT&T are about to take a page from CNN's playbook. Within the next year they will begin delivering a video streaming service that will carry Internet security news 24 hours a day, seven days a week, according to the executive in charge of AT&T Labs.
The network security forecast is cloudy, and that's not a bad thing if you're to believe what analysts are saying at this week's Gartner IT Security Summit. Gartner predicts that by 2008, carriers like AT&T, Verizon, MCI and others will operationalize security functions like firewalls and intrusion detection into routers and switches, leaving enterprises to concentrate on identity and access management and other security duties away from the perimeter. By extending security to the Internet cloud, denial-of-service attacks, for example, never reach the gateway.
Counterpane Internet Security, Inc., monitors more than 450 networks in 35 countries, in every time zone. In 2004 we saw 523 billion network events, and our analysts investigated 648,000 security "tickets." What follows is an overview of what's happening on the Internet right now, and what we expect to happen in the coming months.
It's a tedious activity that can put the best of IT administrators to sleep. But as security and compliance manager for a large U.S. healthcare organization, Adam Nunn has learned to study his network activity logs religiously. He knows that when the bad guys work overtime to break his defenses, those logs can be the first sign of trouble. He had a more relaxed approach to log checking at home. But one day he had a look and was alarmed to find that more than 1,000 brute force attacks had been targeting his personal Web server for a month.
Criminals aren't the only ones benefiting from the onslaught of threats that bombard corporate networks. Security vendors are also reaping the benefits. According to Infonetics Research, worldwide security appliance and software revenue is forecast to hit $6.5 billion by 2008.
Remote-controlled "zombie" networks operated by bottom-feeding spammers have become a serious problem that requires more industry action, the Federal Trade Commission is expected to announce on Tuesday.
Companies have long realised the great business opportunities that the Internet offers and it’s no secret that organisations are shifting more and more of their business processes online. While this move brings many advantages with it, such as widening customer reach and reducing overheads, the emergence of organised crime in the online world means that business needs to be sharper than ever when it comes to security.
Attackers could exploit a major flaw in the Internet Protocol Security [IPsec] framework to obtain the plaintext version of IPsec-protected communications "using only moderate effort," the British-based National Infrastructure Security Co-Ordination Centre [NISCC] warned in an advisory.
A new test laboratory at Iowa State University will allow researchers to study how computer networks respond to massive Internet attacks and could lead to breakthroughs in computer defenses and forensics, said a researcher behind the project.
Network security systems that rely on the laws of quantum mechanics to create hack-proof networks are arriving in the form of practical products that are easily integrated into optical networks. At the Infosecurity Europe 2005 trade show in London, id Quantique SA (Geneva) announced a turnkey quantum encryption system enabling hack-proof secure bridges between two Fast Ethernet (IEEE 802.3u) networks up to 100 kilometers apart. The move followed a March announcement by MagiQ Technologies Inc. (New York), which rolled a rework of its Quantum Private Network (QPN) 5505 system. The QPN 7505 incorporates Cavium Networks' Nitrox data encryption processors.
Given the fact that almost all networks are connected to the Internet nowadays, your one hope of staying secure is to constantly patch all machines on the network with the latest vulnerability fixes. This may not be a big deal in environments consisting only of Windows 2003 servers and Windows XP workstations, for which you can simply use Microsoft's Software Update Services (SUS), System Management Server (SMS) or any number of third-party tools for patch updates. However, if your computers are running non-Microsoft operating systems or non-PC devices, or if your VPN allows connections by computers not controlled by your company, keeping everything up-to-date on your network becomes much more complex -- although not impossible.
Forward-looking companies have long realized the great business opportunities that the Internet offers and it's no secret that organizations are shifting more and more of their business processes online. While this move brings many advantages with it, such as widening customer reach and reducing overheads, the emergence of organized crime in the online world means that business needs to be sharper than ever when it comes to security.
VeriSign is the world's largest digital certificate authority and is steward of the A and J root servers (two of the 13 computers representing the top of the Internet's hierarchy). With 40 percent of North American e-commerce payments going through its gateways, 100 percent of .com registrars running 15 billion queries a day through its system, and 50 percent of North American cellular roamings going through its servers, VeriSign has a significant role in seeing that the Internet infrastructure runs securely.
GFI Software Ltd., recently announced the release of a new version of its network security scanner, GFI LANguard Network Security Scanner (N.S.S.) 6 that can detect all machines and devices connected to the network via a wireless link. It also alerts administrators when suspicious USB devices are connected to the network.
With the growing reliance and dependence on our inter-connected world, security vulnerabilities are a real world issue requiring focus and attention. Security vulnerabilities are the path to security breaches and originate from many different areas - incorrectly configured systems, unchanged default passwords, product flaws, or missing security patches to name a few. The comprehensive and accurate identification and remediation of security vulnerabilities is a key requirement to mitigate security risk for enterprises.
How can a system administrator monitor a large number of machines and services to proactively address problems before anyone else suffers from them? The answer is Nagios. Nagios is an open source network monitoring tool. It is free, powerful and flexible. It can be tricky to learn and implement, but can reduce enormously the amount of time required to keep track of how your organization's IT infrastructure is performing.
In the 1970s, Martin Hellman and Whitfield Diffie wrote the recipe for one of today's most widely used security algorithms in a paper called "New Directions in Cryptography. The paper mapped out the Diffie-Hellman key exchange, a major advancement in Public Key Infrastructure (PKI) technology that allows for secure online transactions and is used in such popular protocols as the Secure Sockets Layer (SSL) and Secure Shell (SSH). In 2000, they received the prestigious Marconi Foundation award for their contributions.
Today, it's hard to imagine an organization operating without taking advantage of the vast resources and opportunities that the Internet provides. The Internet's role has become so significant that no organization can afford to have its Net connection going down for too long. Consequently, most organizations have some form of a secondary or backup connection ready (such as a leased line) in case their primary Net connection fails.
As we rely more on computers, the potential for hackers to hurt us and destroy our personal records has grown. Corporates and public networks, instead of individuals face the brunt of hackers’ ingenuity. However, there are ways to build unhackable network.
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
