|
Monday, February 19, 2007
Against the backdrop of increasing attacks on the IT infrastructure, Richard Stiennon of Fortinet feels there is dearth of inhibitors to counter the escalating threats. With attackers becoming more innovative in development of lucrative business models, it is time that organizations beef up their security infrastructure
Given that cyber crimes are on an increase, how have attackers changed their modus operandi? Is cyber crime turning into a lucrative business? If yes, how?
Cyber criminals are expanding their horizons. On the technology front, they are researching and discovering zero-day vulnerabilities in Windows (iFrames, WMF) and deploying them for profit. Cyber crime is truly very lucrative. From the extortion attacks that garner tens of thousands of dollars to credit card thefts which can earn the thief $12 to $100 per stolen credit card, it is huge money.
Cyber criminals are changing their modus operandi to become much more entrepreneurial.
 |
Richard Stiennon
CMO, Fortinet |
In the contemporary scenario, who are more vulnerable to attacks? Are smaller organizations also targeted? What about home users, government and other sectors?
Medium enterprises with important web assets such as an e-commerce site that contributes more than 20 percent of their revenue are the most vulnerable. However, the scope of attacks is escalating and even large enterprises should take a fresh look at their risk profiles. In summary therefore, small as well as larger organizations are vulnerable to attacks although the degree of vulnerability could vary.
What is the nature of attacks today? Which part of an organization is more vulnerable? Is it the entire IT infrastructure or network specific?
The entire IT infrastructure is vulnerable. The network only enables the hacker by providing the avenue of attack. Web applications are vulnerable to business process hacking. Credit agencies, export-import and financial transaction sites have all been hit by attackers who purchase limited access and then abuse the underlying business logic to steal more information than they paid for. Employees are vulnerable to social engineering attacks and bribery that could lead to stolen IP and personal data.
Are the attacks that happen today restricted to phishing and identity threats? Or are they more complicated, bigger and tougher to tackle?
Today's attacks are moving beyond phishing and ID theft on the individual scale. Attackers are targeting large repositories of IDs and credit cards. They are going after banks and are messing with reputation systems at Myspace, Digg, YouTube, etc.
Would more abuse of the Internet and IT infrastructures become the order of the day? How can one prevent or reduce damage to their IT infrastructure from these threats?
Yes, as always, the load on IT security departments is going up. So attacks in varied forms would increase. There are three key areas that IT should concentrate on to prevent incidents and limit risk. Firstly organizations must really beef up network security at both the gateway and the LAN interface. Additionally there is a need to roll out and maintain a patch management system for desktops and servers. Last but not the least there is a dire need to enhance authentication by deploying tokens or some other physical device.
Given the above, what according to you would the security scene in 2007 be like?
Certainly, there will be a greater increase in the attacks on IT infrastructure. First there would be 100 percent growth in revenue for cyber crime. There will be an added focus on enterprise data stores; DDoS in support of phishing attacks and continued attacks against DNS. Identity theft will continue to rise and there will be more attacks against wireless networks. MySpace would grow up and get secure and YouTube would be spamming abuse. Also the network infrastructure could show signs of overloading. Interestingly, the spread of Windows Vista will have zero impact on the overall threatscape.
Are users and organizations aware of the impact of such threats? Are they ready to overcome the same?
As the drivers for cyber crime increase, there is a lack of inhibitors to counter the escalating threats. Attackers are becoming less innovative with threats; however, they are becoming more innovating in their development of lucrative business models. While organizations are working to beef up their security set-up, many users and organizations are continuing to be complacent. Most of the remedial steps are taken only often an organization has actually suffered an attack.
What new products and solutions does Fortinet have on offer to reduce the impact of the damage by such attacks? Are your channel partners equipped to provide required solutions to your customers?
Fortinet has systematically built new defenses into our core architecture, an ASIC hardware appliance. While adding anti-virus, anti-spam, IPS, and web content filtering to our Fortigate series of appliances we have also incorporated networking capabilities such as routing and layer two switching. Fortinet has created the first ever converged network security platform in the FG-224B, a single appliance that incorporates all level, of threat mitigation with routing and switching capabilities.
BM Subbalakshmi
Source: DQ Channels
|
