Direct Hacking Down; Virus Problems, Wireless Network Misuse Up
from the changing-times dept
The latest study on computer crime and security shows that, for the first time in a while, direct attacks on corporate information systems are on the decline — from both inside and outside the company. In fact, it appears there was a significant decline in insider’s attacking corporate systems. Of course, that’s because they’re all abusing the WiFi. It’s not at all clear how an insider in the company is likely to be “abusing” a wireless network set up by the company, but the report suggests it’s an “emerging threat.” Meanwhile, the biggest issue for most companies remains virus attacks and the fact that whatever anti-virus software they’re using doesn’t seem to work. At all. Either that, or they can’t convince their employees not to click on random attachments. Well, in that case, at least we know it’s the executives who are screwing up.
Comments on “Direct Hacking Down; Virus Problems, Wireless Network Misuse Up”
And over in Japan...
There has been a crime wave by scammers who send postal bills from a “collection agency”, with realistic “final notice” labels, etc. The bills talk about “service charges” for embarassing-sounding names like “Suki’s bath house”, etc., hoping that husbands would cough up the money before their wives see it. The scammers have even called up the victims on the phone, claiming to be lawyers.
The article (in Japanese) is at
http://www.kokusen.go.jp/soudan_now/twoshotto.html
Corporate solutions
When a report says ‘corporate’, I read medium to large company or organization. For organizations of that size, I am shocked that they would not have implemented the following by now as my employer has: 1) e-mail firewall that virus scans mail and strips executable attachments and optionally handles content filtering, 2) enterprise virus scanning that centrally deploys, updates, and monitors antivirus software, 3) stateful inspection firewall and some type of outbound web/ftp proxy; a combination that allows blocking suspicious incoming and outgoing traffic, 4) for Microsoft shops the free download Software Update Services, which deploys OS and IE matches very efficiently, and perhaps 5) web filtering of known explicitly sexual, cracking, and exploit sites that are the biggest web risks for hostile code. With such solutions in place, such mundane problems are all but eliminated. With about 2000 seats, my employer hasn’t had any significant issues in several years. [full disclosure] I’m one of the IT guys who has been responsible for implementing said solutions, with management approval.