Archive for September, 2009

Phishing attacks remain high as China climbs the spam charts

Wednesday, September 30th, 2009

We’ve just published our September threat stats, and the threat of phishing attacks remains at a consistently high 33.2%. Although the overall level of spam and viruses has fallen slightly, it’s vital that IT managers and departments do not drop their guard against what are increasingly sophisticated exploits.

We recommend that IT departments use the opportunity of employees returning from their holidays to remind them about company internet policy. They should also take the chance to review their knowledge of the current threats, and update procedures and security systems as necessary.

As we can see in the stats, the level of viruses originating from Brazil has risen by two per cent and China has replaced Korea as the third largest source of spam (although its levels of spam only increased by one per cent).

Brazil is back as the number one source of spam and viruses.

More details on our September threat stats can be found at the Network Box site.

Network Box awarded five-star rating by SC Magazine

Saturday, September 26th, 2009

I’m delighted to say that SC Magazine has awarded Network Box a five-star rating in its review of IDP solutions. We were rated five out of five for features, ease of use, performance, documentation, and support, with an overall rating also given of five out of five.

I’m particularly pleased with this, as our IDP/IDS solution is just one component of our UTM managed service, and this review pitted us against a number of pure-play IDP systems. We’ve always believed that security built to work together is better than bolted on solutions, and it’s great to have independent endorsement of the individual components of the system, as well as the overall package.

To see the review, visit: http://www.scmagazineus.com/Network-Box-v32/Review/2945/.

Configured data routing & its impact on company security

Thursday, September 24th, 2009

We’ve just released the second guide in our ‘Forgotten Security’ series, ‘The Hole in the Wall’. The new guide discusses the simple mistakes which result in data being regularly routed incorrectly by IT teams, mistakes that leave holes in a company’s network security.

We examine some of the most common examples of badly configured routing, including the problems caused by triangular routing, firewalls implementing Proxy ARP, misdirected packets and misconfigured Virtual Local Area Networks.

As our networks expand, the routing involved becomes more complex, requiring more management, specialist knowledge and attention to detail. It’s often the case that IT managers have made their systems work by simple trial and error, and don’t want to mess with a system that seems to be working perfectly well. Others know that there are things they should be checking and updating regarding network routing, but put it off, fearful that tampering with something which seems to be doing okay will bring the whole network crashing down around their ears. However, these are important issues, which will, if left unchecked, render the company firewall useless.

Forgotten Security Defences

Wednesday, September 16th, 2009

We’ve just published the first whitepaper in our ‘Forgotten Security’ series. The reasoning behind this series is that often it’s the simple things that businesses don’t do – like monitoring the applications they use – that cause network vulnerabilities.

The paper focuses on the increasing number of applications used within businesses (including web-based applications) and the subsequent increase in both SQL Injection attacks and vulnerabilities present in social applications (such as P2P software). As these applications are not built with businesses in mind, they are often inherently insecure.

Understandably, ‘high profile’ threats often grab our attention when it comes to the security of our business systems, but we must not ignore the vulnerabilities in – and therefore potential threats from – the applications and hardware that we use on a daily basis. Of course, we must continue to protect our networks from the usual viruses, Trojans and malware, but at Network Box, we have found that often it’s the simple but overlooked security flaws that ultimately bring down the network.

We advise IT managers to review regularly the number of applications used across the business, test them for vulnerabilities and failures, and ensure that employees are clear on how to use these applications correctly. In our guide, there is also practical advice for monitoring applications, security systems and hardware.

If you would like more information, the paper is available for free download at the Network Box site.

Our next guide in the series will be released shortly.

Securing online identity

Monday, September 14th, 2009

With the explosion in the number of web accounts we all hold, comes the problem of how to remember dozens of different log-in details. What do most of us do? Mostly, one of four things:

1.    Keep passwords too simple – making the hacker’s job easier
2.    Use the same password for multiple websites
3.    Write passwords down, often keeping them near, or on, the computer because we can’t remember them
4.    Rely on the ‘forgotten password’ feature on websites (which is itself basically flawed: as long as someone can gain access to our email account, password retrieval is easy)

It’s hardly surprising, then, that we’re facing an increasing problem with identity fraud, particularly card-not-present (CNP) fraud.

We rely on the same username and password principle today that we did at the beginning of IT security, and it’s getting to the point where it is no longer a viable solution. Some banks try out various multi-factor authentication techniques (such as card-sized security code generators), but even these will run their course, for who will be able to carry enough of these devices for every online account they hold?

I don’t have all the answers, but I do hope to start a debate around how we can change the methods we use to authenticate users. I believe that it’s one that the financial organisations in particular should be putting significant time and resource into, in order to find a solution.

We discuss these issues in a new white paper – Authentication, who are you – on our site. You can download it here.

Holiday dip in spam and viruses?

Tuesday, September 1st, 2009

Summer holiday season is almost over; soon the kids will be back to school and most of us will be back at our desks. The time spent away from computers may be one explanation for the slight drop in spam and viruses that we have seen this month.

While July saw a massive 300 per cent increase in the volume of malware sent, August has seen figures dip back to June levels, which equates to about four viruses per customer, per hour. Spam is also down to an average of 90 spam emails per customer, per hour (a figure that saw a peak of about 120 in May). Phishing attacks, whilst remaining high, are down by three per cent from last month.

The US and Brazil continue to dominate the virus charts, with Brazil the biggest source of spam and Korea claiming the title of biggest source of intrusion attacks (17.3 per cent of all such attacks).

Will there be a return to the June malware high now that the summer holiday season is over? We can only wait and see.

For full details of the August statistics visit the Network Box site.