Thought for the Day Asking for trouble

Thousands of ordinary users will plug into Broadband Britain this Christmas, says Simon Moores, and they haven't a hope of...

Simon Moores  

Thousands of ordinary users will plug into Broadband Britain this Christmas, says Simon Moores, and they haven't a hope of keeping the internet bandits out

 

 

 

I had just returned from towing an advertising banner behind an aircraft over Kent, when I happened to read a headline in Computer Weekly: “Banner ads the latest target of worm attacks”.

It struck me then that traditional forms of unconventional advertising probably looked rather safer to the consumer than the risk of being lured to a rogue advertisement on the internet with a hidden payload of misery waiting for whoever happened to click on it.

The sheer number of exploits now aimed at advertising sites must come as a worry to the industry. After all, when even reputable, brand-name sites are revealed to be carrying malicious code, sensible consumers are going to think twice before opening any advertisement on the internet these days.

With the Christmas holiday only two weeks away, the sales are already in full swing at the big computer warehouses. PCs are very much in the household commodity range and many businesses can reasonably expect their employees to own a broadband-connected PC at home in much the same way as they would expect them to have a television and a dishwasher.

This Christmas, we can expect to see another surge in PC ownership and tens of thousand of families becoming constituent members of Broadband Britain. But this rapid growth in connectivity is also likely to fuel a proportionately aggressive increase in efforts to attack and exploit anyone connected to the internet.

Regardless of all the efforts of industry and government, the bulk of the population simply cannot be expected to be computer-literate enough to avoid the dangers of life on the information superhighway. Not one of my immediate friends and family outside of the IT industry has a real clue as to how to protect their system other than by relying on pre-installed anti-virus software, which is invariably out of date.

Recently Avantgarde, a San Francisco marketing company, asked the legendary superhacker-turned-consultant Kevin Mitnick and Ryan Russell, author of Hack Proofing Your Network, to perform an experiment. They connected six “honeypot” computers to the internet using broadband DSL connections and then monitored them for two weeks. The results will come as a sobering lesson to all of us.

Over the two-week period, 305,922 break-in attempts were logged. One PC with Windows XP (SP1) was compromised in less than four minutes and recorded 139,024 break-in attempts, averaging 341 attacks an hour. A very good reason, unless you happen to be the Department of Work and Pensions, to make damn sure you are at least using Window XP Service Pack 2.

The machine they tested that had SP2 loaded recorded 1,386 break-in attempts, averaging fewer than four an hour. And when they placed a ZoneAlarm firewall in front of this, the figure dropped to 848 break-in attempts - an average of two an hour.

The moral of the experiment is that Service Pack 2 visibly and dramatically increases your odds of survival. But that is where the security should start and not where it ends, as the consumer so often thinks. Firewalls should be mandatory. Sadly they will remain a mystery to the greater part of the PC-owning population.

Setting the world to rights with the collected thoughts and opinions of leading industry analyst Dr Simon Moores of Zentelligence.

Acting globally, Zentelligence (Research) advises governments, suppliers, business and the media on the evolution, application and delivery of leading-edge technologies, and specialises in the areas of e-government and information security.

For further information on Zentelligence and its research, presentation and analyst services, visit www.zentelligence.com

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close