Cinema chain UCI plans to roll out an intrusion,
prevention and detection system to protect cinemas and office
complexes throughout Europe, Asia and South America from worm and
hacking attacks.
UCI plans to invest about £60,000 in technology capable of
pinpointing, mapping and blocking malicious attacks, after trials
in Manchester revealed the company's systems were facing more than
70 serious attacks a day.
The system, supplied by network security supplier Forescout, is
able to trace the source of attacks on the internet, allowing UCI
to work with internet service providers and police computer crime
units to block hacking.
"We have seen everything from worms, viruses and other people's
networks trying to access our networks," said Laurence Bentley, IT
infrastructure security manager.
"We have seen scanning, structured attacks, script kiddie
applets and penetration testing tools used against us."
UCI said there has been a 50% reduction in the number of hacking
attempts reaching its firewalls since installing the hardware
device, Activescout, in a trial at its Manchester datacentre last
year.
The unit, which sits in front of the firewall, creates spoof
applications and operating systems, which act as bait to hackers or
worms. Any attempts to access the non-existent systems are
automatically blocked before they reach the firewall.
The system has made it easier for UCI's IT department to
convince senior managers of the business case for investing in
security, said Laurence. "Instead of going through a list of
numbers to explain, I can simply show the map of attacks in the
past 24 hours," he said.
UCI predicted that the Activescout system, which has eliminated
the need to hire an extra member of staff to monitor firewall logs
at Manchester, will pay for itself in six to eight months.
The company plans to install a security console that will allow
it to control the planned network of Activescout boxes in Japan,
Brazil, Germany, Spain and Taiwan from Manchester.
Professional services firm PricewaterhouseCoopers said this sort
of intrusion prevention technology can be helpful, providing it
forms part of a wider system of defences.
"Deploying technology that helps you detect and deter would-be
attackers is a good thing. It needs to be done as part of a
co-ordinated defence. The danger is that organisations can get a
false level of comfort," said consultant Andy Beard.
Be an e-crime-stopper >>