IT Security

Business Continuity Forum

It is rare these days to find any organisation which does not rely in some way on computer data. From the very largest corporate through to the very smallest business the need to maintain access to information is absolutely vital. This seems pretty straightforward and it could be said almost simplistic, obvious even. Maybe so, but what about the data that has been removed from your direct control, that exists on the huge banks of servers and hard disks that are located across commercial data centres both in the UK and internationally.

High Performers & Foundational Controls: Building a strategy for Security and Risk Management 

This Enterprise Management Associates White Paper discusses building a strategy security risk management.

With all the attention given to the increasing sophistication of threats, and the security implications of technology trends such as virtualisation and cloud computing, our enterprises ready for tomorrow's security risks? These are the questions being addressed in this white paper.

The White Paper concludes that for many organisations the answer is no!

Fire, computer viruses and human error are viewed as the main threats to corporate data by European businesses, according to a survey by storage specialists Hitachi Data Systems. The latest edition of HDS’s bi-annual Storage Index reckons that low-tech 'old fashioned' threats pose the greatest risk of upsetting the operations of European corporates.

Half of IT managers employed by large-sized companies believe it would be relatively easy to gain the core passwords for their computer systems.
That is the warning of a survey by IT security firm Cyber-Ark. It said that 10% of firms never changed their central administrative passwords.

A further 5% did not even bother altering the manufacturer's default password that came with the system.

The issue of security continues to be a major industry topic and understandably, especially as this is is one area of BCM that tends to have the highest profile . Many of the issues are closely linked to the increasing complexity and interoperability requirements of applications across a wide variety of Platforms. These problems are also compounded by the generally poor practices of many IT departments and internal users who continue to be a very weak link in the security chain.

US Hacker strikes thousands in the UK 

THOUSANDS of computers in the UK have come under attack from a hacker in the US stealing credit card details and personal information. The Metropolitan Police's Computer Crime Unit has launched an investigation into material recovered on an American computer found to contain personal data accessed using a computer virus. 

More than 2,300 computers in the UK are thought to have been targeted and some 83,000 files affected. Email addresses and other confidential data have been recovered, including passwords, credit card numbers and information about on-line transactions. 

The security leak was discovered following an investigation by a newspaper reporter from The Sun, who was able to buy bank account, credit card, passport and driving licence details of UK bank customers for just £4.25 each.

The call centre worker in New Delhi also told the reporter he could supply confidential data from 200,000 accounts per month. The newspaper handed a dossier with all the details to the City of London police.

Detective Inspector Oliver Shaw of the economic crime unit at City of London Police said in a statement: "Unfortunately we have no jurisdiction to prosecute in the UK so we have passed it through Interpol to the Indian authorities."

Extortionists attack business through DoS 

It has become common practise for extortionists to target net firms and threaten to cripple their websites with deluges of data unless they pay a ransom. Not all the e-criminals are able to follow through on their threats but when the Nochex site went down at 8pm it was time to sit up and take notice.

"We get quite a few, maybe once a month so we don't always take it too seriously," he said.

In this instance though Mr Malik did contact his service provider Pipex. "They told us we were being flooded by a zombie attack," he said.

Security experts attending the Wireless LAN exhibition found that anonymous hackers in the crowd had created a website that looked like a genuine log-in page for a Wi-Fi network, but which actually sent 45 random viruses to computers that accessed it.

source SC Magazine

Phishing email reached a new high in July, according to email security company Postini, which tracked more than 19 million phishing attempts last month. That number is the highest monthly total since Postini began tracking phishing in January.

July's total breaks June's record of 16.7 million phishing emails, the company said. While phishing attacks increased, the number of emails containing viruses decreased in July by 20 percent compared to June, Postini said.

The amount of spam remained stable at 88 percent of the total number of emails sent. The company processed more than 14 billion emails last month. Directory harvest attacks decreased 8 percent from June.

Gartner researchers have estimated that online debit card fraud, perpetrated via phishing and keystroke logging attacks, has resulted in $2.75 billion in losses in the past year.

END 

If you would like to know more about how your organisation can get involved and benefit from working with the Continuity Forum, please email us HERE! or call on + 44 (0) 208 993 1599.

Information  could have been used to clone credit cards

Police are investigating reports that an Indian call centre worker sold the bank account details of 1,000 UK customers to an undercover reporter.
The Sun claims one of its journalists bought the personal details from an IT worker in Delhi for £4.25 each.

They included account holders' secret passwords, addresses, phone numbers and passport details, it reports.

City of London Police has begun an investigation after being handed a dossier by the newspaper.

While the allegations made in the dossier are very serious, City of London Police would like to remind people that incidents of this kind are still relatively rare City of London Police

The centre worker reportedly told the Sun he could sell up to 200,000 account details each month.

Details handed to the reporter had been examined by a security expert who had indicated they were genuine, the paper said.

The information passed on could have been used to raid the accounts of victims or to clone credit cards.

'Reflect on decision'

More than one bank is thought to be involved in the fraud.

A police spokeswoman said officers were not yet aware of "the breadth of what we are going to be investigating".

"While the allegations made in the dossier are very serious, City of London Police would like to remind people that incidents of this kind are still relatively rare," she said.

The Amicus union said it had warned of the "data protection implications" of offshoring financial services.

"Companies that have offshore jobs need to reflect on their decision and the assumption that cost savings benefiting them and their shareholders outweigh consumer confidentiality and confidence," senior finance officer Dave Fleming said.

Continuity Forum Comment

In the past few months we have seen an increased media focus on the security of Electronic Banking Systems with both TV and Print news sources citing alarming lapses in the procedures followed.

While technology can go a long way to 'secure' information there remains for many the issue of the 'insider'.

Whilst a lot of time and money is spent combating external Security threats it appears as though there is still some way to go to protect the organisation and its stakeholders from the actions of someone on the 'inside'. Whatever the motivation, Greed or Revenge, the threat posed can be far greater both in financial terms and in damage to the Reputation of the organisation.

To help you consider the risks to your organisation we have listed below some of the common characteristics of the 'insider' below:

Insider Characteristics

The majority of the insiders were former employees.

• At the time of the incident, 59% of the insiders were former employees or contractors of the affected organizations and 41% were current employees or contractors.

• The former employees or contractors left their positions for a variety of reasons. These included the insiders being fired (48%), resigning (38%), and being laid off (7%). Most insiders were either previously or currently employed full-time in a technical position within the organization.

• Most of the insiders (77%) were full-time employees of the affected organizations, either before or during the incidents. Eight percent of the insiders worked part-time, and an additional 8% had been hired as contractors or consultants. Two (4%) of the insiders worked as temporary employees, and one (2%) was hired as a subcontractor.

• Eighty-six percent of the insiders were employed in technical positions, which included system administrators (38%), programmers (21%), engineers (14%), and IT specialists (14%). Of the insiders not holding technical positions, 10% were employed in a professional position, which included, among others, insiders employed as editors, managers, and auditors. An additional two insiders (4%) worked in service positions, both of whom worked as customer service representatives.

Insiders were demographically varied with regard to age, racial and ethnic background, gender, and marital status.

• The insiders ranged in age from 17 to 60 years (mean age = 32 years) and represented a variety of racial and ethnic backgrounds.

• Ninety-six percent of the insiders were male.

• Forty-nine percent of the insiders were married at the time of the incident, while 45% were single, having never married, and 4% were divorced.

• Thirty percent of the insiders had been arrested previously, including arrests for violent offences (18%), alcohol or drug related offences (11%), and nonfinancial/
fraud related theft offences (11%).

Organization Characteristics

The incidents affected organizations in the following critical infrastructure sectors:

• banking and finance (8%)

• continuity of government (16%)

• defence industrial base (2%)

• food (4%)

• information and telecommunications (63%)

• postal and shipping (2%)

• public health (4%)

In all, 82% of the affected organizations were in private industry, while 16% were government entities. Sixty-three percent of the organizations engaged in domestic activity only, 2% engaged in international activity only, and 35% engaged in activity both domestically and internationally.

Below we have outlined some of the effects on the organisation:

Consequences for Targeted Organizations

Key Findings

• Insider activities caused organizations financial losses, negative impacts to their
business operations and damage to their reputations.

• Incidents affected the organizations’ data, systems/networks, and components.

• Various aspects of organizations were targeted for sabotage by the insider.

• In addition to harming the organizations, the insiders caused harm to specific
individuals.

Supporting Data

Eighty-one percent of the organizations experienced a negative financial impact as a
result of the insiders’ activities. The losses ranged from a reported low of $500 to a
reported high of “tens of millions of dollars.” The chart below represents the percentage
of organizations experiencing financial losses within broad categories.
Percentage of Organizations Financial Loss

For the full 45 page Report or to comment on this piece please mail us HERE! or call Russell Price directly on +44 (0) 208 993 1599.

The banking firm has written to customers whose information was stored on computer tapes that were lost last month by courier UPS in transit to a credit office.

A unique new kind of malicious threat which locks up files on a PC then demands money in return for unlocking them has been identified. The program, Trojan.Pgpcoder, installs itself on a vulnerable computer after users visit certain websites and then turns files into gobbledegook, holding them to "ransom"