Goto Blog Home PageRevell Research Systems: Alastair Revell's Web Log
On this page....
<January 2020>

RSS 2.0     Atom 1.0     CDF

Blog Roll
About Alastair Revell
Alastair Revell is the Managing Consultant of Revell Research Systems, a Management and Technology Consulting Practice based at Exeter in the United Kingdom.
Contact Alastair Revell
 EMail Revell Research Systems Limited Email Me
Legal & Other Notices
Sign In
The material published in this web log is for general purposes only. It does not constitute nor is it intended to represent professional advice. You should always seek specific professional advice in relation to particular issues. The information in this web log is provided "as is" with no warranties and confers no rights. The opinions expressed herein are my own personal opinions.

Web Log Home | Welcome to this Web Log | Using this Web Log | New to Blogs? | About Revell Research Systems | Contact Details

Review Entries for Day Monday, February 11, 2008

The lack of understanding of IT-related security issues in many small-to-medium sized businesses that I encounter as a management and technology consultant often worries me.

There seems to be a mindset amongst senior managers (often at partner and director level) that security breaches are only perpetrated by external human hackers and that their firms are not sufficiently important enough to attract attention.

These senior managers miss the fact that almost all initial external attacks are automated and that although many of these attacks may be unsuccessful in compromising their organisation’s data security, they may nonetheless seriously damage their internal infrastructure, resulting in significant costs in order to rectify the damage.

It would be a lucky organisation indeed that did not have its Internet defences probed at least once every couple of minutes. The most recent log I inspected for a small organisation was receiving an attack per minute in what appeared to be an attempt to swamp instant messaging clients with spam. The log also revealed port scans and other nefarious activity once every 10 minutes. These more serious attacks are often scanning for weaknesses through which to inject malware.

We have conducted occasional exercises in assessing just how bad this type of wanton vandalism is by simply connecting an unprotected set of newly built PCs to the Internet. Our somewhat primitive research shows that it takes around 15 minutes before machines in this condition are crippled with malware. Much of the malware also seems to be aimed at stealing credit card details and the like; and could cause enormous damage to an organisation’s reputation.

I’m often confronted by SME senior managers that argue that they have nothing of value on their networks, but my immediate retort is that neither did the machines mentioned above, but the cost of putting them back together again was expensive. It is clear from the subsequent discussions with these managers just how valuable having an operating computer system actually is to their organisations.

The irony is, of course, that the sort of dubious activity I see time and time again in firewall logs is the equivalent of a criminal gang casually walking down the road trying the doors and windows of each building they encounter for weaknesses, with a view to coming back later to investigate the weaker buildings further. I have little doubt if our streets were full of such marauding gangs then there would be huge public concern. The problem for IT is that this kind of behaviour is literally “out of sight, out of mind”.

I believe, like many other observers in the profession, that there is a discernible shift away from writing viruses for the sheer devilment of it to one of seriously making money out of it.

Indeed, Joe Telafici, vice president of operations for McAfee’s Avert Labs, recently said in a BBC interview that he felt 2007 had effectively seen the extinction of young hackers who wrote viruses and other malicious programs for fun and that writing Windows malware was now all about money.

More about Alastair Revell

Monday, February 11, 2008 9:35:25 PM (GMT Standard Time, UTC+00:00)  #
Comments [0] Security | Trackback

RSS 2.0 Feed If you enjoyed reading an article on this blog, why not subscribe to the RSS 2.0 feed to receive future articles?
Revell Research Systems Logo Visit the Revell Research Systems Web Site if you want to learn more about this management and technology consulting practice.