IT security companies hope the Microsoft security breach will act
as a catalyst for companies to start implementing better security
practices.
Daniel Thomas. .
The prevalent view within the security industry is that
organisations have to realise the importance of data and of making
sure it is secure.
Despite Microsoft's insistence that the hackers were monitored
over a six-day period, most commentators believe that the intrusion
took place a few months ago through a known Trojan horse virus,
Troj/QAZ, disguised as an e-mail attachment and opened by an
unwitting Microsoft member of staff.
Gunter Ollmann, principal consultant for Internet Security
Systems, said, "The education of staff in security issues is vital.
There is a great deal of awareness that needs to be gained - it is
similar to the situation with viruses three years ago."
Microsoft claimed that a possible scenario is that an employee
working from home may have received the infected e-mail, activated
the QAZ Trojan, and infected Microsoft by logging on to the
corporate network.
This has led to accusations that the company is not updating its
computer security software and policies frequently enough. If it
had, the Trojan could have been eliminated before it infected the
system. This could have easily been achieved by, for example,
warning end-users against opening certain types of attachment.
But Ollmann does not think Microsoft is completely at fault. "If
the hackers used encryption on the attachment, anti-virus software
wouldn't have picked it up anyway," he explained.
He also suggested it was inevitable a company like Microsoft
would have been caught out sooner or later. "There is a constant
arms war going on between suppliers and hackers," Ollmann said.
Steve Barnett, managing director of Internet security company
Checkpoint, said the hack was a wake-up call to the industry.
"Security is still not an holistic part of business - a lot of
organisations are looking at the network in terms of where it is
rather than who is using it," he explained.
"The challenge for security is to make sure access is given
depending on who you are rather than where you are," he added.
Barnett said that "pure stupidity" is the cause of a lot of
hacks. "Basic things like network passwords being pinned up on
noticeboards are still happening all the time," he said.