Beware the hacker within

Most firms have at least one hacker working internally within their organisation according to a security expert at IBM.

Most firms have at least one hacker working internally within their organisation according to a security expert at IBM.

Paul X, who is an ethical hacker within the security and privacy services division of IBM Global Services, and remains anonymous for security reasons, claimed the internal threat could be just as dangerous as that from outside.

'Most companies have at least one hacker operating from within an office. They are normally someone who wants to be seen as an elite hacker, and they practise on your network,' said Paul X.

But he also claimed that much of the modern image of hackers is a media invention.

'A hacker used to be someone with strong technical skills and a desire to explore systems and find out how they work. The media has turned the hacker into a computer abuser who defaces web sites, someone who is out to gain money or self-glory, or a person who wishes to just cause damage or embarrassment to a business. The reality is that 90 per cent actually fall into the original category.'

But James Luke, an information warfare specialist at IBM Global services, said some companies are failing to even take the most basic precautions against attacks. 'One of the most important issues is the education of management. Some companies don't even know what their single point of failure or most critical system is. And there are still companies which have failed to install the patches and haven't updated their virus checkers to protect against the code red virus.'

He said that security issues were often missed by companies because of a shortage of security skills in organisations, whilst commercially available anti-virus and anti-hacking products provide plenty of opportunities to practise. Much of the existing anti-virus technology is based on reaction to known attacks. Luke is currently investigating techniques which could lead to software capable of identifying unseen viruses based on changes to information in a system.

The Computing Services and Software Association and the Alliance for Electronic Business are to jointly develop an information database aimed at delivering the UK's first 'hacking exchange'. It's expected to mirror a similar scheme in the US, the IT-ISAC (IT - Information Sharing Analysis Centre), which includes some industry heavyweights such as Microsoft, Oracle, Hewlett-Packard and AT&T. The new service, to be named UK-Saint, will allow companies to receive and share information on computer crime and security techniques. The UK-Saint working group is to be chaired by John Harrison from e-business specialists Smart421, and has already received support from the chairman of IT-ISAC

2. The FBI has warned there could be an increase in cyber incidents after the terrorist attack on the US. The bureau's National Infrastructure Protection Centre said the activity could be caused by 'political hacktivism' by self-described 'patriot' hackers targeted at those perceived to be responsible for the terrorist attacks.' But it also warned old viruses could be given fresh impetus as they are renamed to appear related to the terrorist outrages. Within days of the disaster, a new version of the life_stages.txt.shs virus was renamed with a wtc prefix

3. Entercept Security Technologies has announced it's to join up with Cisco in an OEM agreement. The deal will see Entercept's security products co-branded by Cisco as its host-based intrusion prevention solution. The arrangement is aimed at the growing market for proactive intrusion prevention dedicated to servers and operating systems

4. Internet information management company Xdrive Technologies and security solutions provider Hush Communications have announced a partnership which is claimed will create an easy-to-use hosted encryption key security solution. The deal will see Xdrive's file sharing and collaboration technology delivered with Hush's hosted encryption key pairs. According to the two companies, it will enable users to locate, save, share and respond to internet information in a secure environment from any device

5. Pentasafe Security Technologies is offering a free security awareness check as part of its Information Awareness Index study. The study will be used, according to Pentasafe, 'to help companies measure how well their organisation is addressing the human aspect of information security'. Companies participating in the study will receive immediate feedback on their answers and after eight weeks, an index score which can be used to measure their effectiveness against similar organisations. Pentasafe said all survey information would be kept completely confidential

6. Managed security specialist Activis, is launching what it calls 'next generation' managed firewall security. It claimed AlarmCenter SSA and SecureCenter SSA will include automated and proactive threat detection and monitoring technology, based at its three security management centres in Germany, the UK and the US. The Security Service Appliance (SSA) is a device which sits on a client network and is said to detect threats by analysing, alerting and summarising firewall log files. It will also regularly check the health of the firewall

Read more on Antivirus, firewall and IDS products