
There has been a twelve-fold increase in the number of
large UK companies finding unauthorised outsiders on their internal
networks, a government report into security breaches will reveal
at Infosecurity 2008 today (22
April).
The 2008 Information Security Breaches survey for the
Department
for Business, Enterprise and Regulatory Reform reveals that 13%
of large companies found hackers inside their corporate defences in
2007, compared
with 1% in 2006.
The report, based on responses from more than 1,000 companies,
shows criminals are changing motives, targets and tactics in
response to
better defences against virus, spam and
phishing attacks.
Hackers are looking for confidential information such as
customer details and marketing plans, which they can sell or use to
disrupt a business, said Chris Potter,
PricewaterhouseCoopers security practice partner and author of the
report.
Potter said this was the flip side of the fact that 60% fewer
companies reported malware infections than two years ago. He
attributed this to near-universal use of anti-virus and
anti-spyware tools.
Because corporate cyber defences are working well,
criminals are targeting home PCs and careless web surfers.
"They aim to take over machines and
make them part of botnets [networks of PCs controlled by
criminals]. They then hire out the botnets to spammers and phishers
or
use them in a distributed denial of service attack to extort
money by threatening to block communications," said Potter.
Jim Norton, senior policy adviser at the Institute of Directors,
said if someone had got past the firewall, it was a concern, but
not necessarily damaging. "The fact that intruders have been
identified indicates that the defences are working. What should
keep us all awake at night are those who penetrate all the defences
and depart undetected," he said.
Norton suggested firms use honeypots, servers disguised to look
like they contain secure information. "Any access to these implies
that all the defences have been breached and it is time to call in
the troops," he said.
Martin Smith, chief executive at training provider The Security
Company, said the results of the Information Security Breaches
survey showed security technology was working. "Perimeter defence
is working, but there are determined attackers out there and the
human element is now the weakest link," he said.
Criminals and others are using social engineering attacks to
lure staff into insecure behaviour. "Insiders have always been
the biggest threat. It is now essential that boards
improve security awareness and practice among staff," said
Smith.