COMPUTER SAFEGUARDS
Whiz shares insight on various threats to information security.
By Kraig Lane
Hackers” and “crackers” are the two terms usually used to label those involved in computer intrusion. However, it is easy to use the neutral term “intruder,” regardless of who is trying to get into your small business system. Most intruders scan large parts of the Internet searching for systems that are vulnerable. When they find them, they gain entry very easily, regardless of whether it is to an international organization or a small mechanic’s workshop. Don’t kid yourself that you can avoid attack just because your company is small and unknown. Everyone is affected to the same extent.
Viruses
When information security is mentioned, viruses always enter into the discussion, but this was not always the case. Viruses were always a theoretical threat, and there was a time when computer experts debated whether what would become known as viruses could pose a real danger to systems and networks.
The debate was concluded in 1984 when the researcher Fred Cohen coined the term “computer virus.” He presented an experiment proving that harmful computer viruses were a realistic possibility. When viruses began to be combated systematically by antivirus utilities, virus writers fought back by developing polymorphic viruses that alter appearance when they are copied. However, this problem was solved rather quickly. Despite the fact that over 70,000 viruses have been created, relatively few have actually succeeded in spreading and infecting users. During these early days, they were often easy to remove and as they spread slowly, it was not necessary to update antivirus software more than once a week.
 |
 |
Today hardly any traditional viruses are released at all. Those who used to write viruses have now turned to worms instead. A worm is a program, similar to a virus, which spreads through networks either locally or over the Internet. Worms can spread without any human intervention between servers on the Internet and propagate by transmitting exact copies of their malicious code to other computers, which is then run automatically. Worms can appear in the form of blended threats and in their simplest form they are not destructive, but cause damage by overloading affected systems.
Most worms to date have spread via e-mail and have required active user participation by double-clicking attached files. However, many worms now spread automatically by exploiting known security loopholes. The spread of worms does not only affect the infected small businesses. Sometimes the flood of worms is so great that connections to the Internet as a whole can become extremely slow.
Trojan Horses
Trojan horses are actually a type of hacker tool. In contrast to worms and viruses, Trojan horses cannot spread themselves. Just like the Trojan horse of mythology, Trojan horses are not what they seem. They can take the form of ordinary computer programs that appear useful or interesting, but conceal malicious code. Often this disguise is so appealing that the recipient is fooled into accepting the Trojan horse or downloading its program from the Internet. Once in place, the Trojan horse can invite intruders or perform operations such as opening a backdoor to the Internet so that an intruder can take control of the system. Many Trojan horses steal passwords or install code that copies every stroke on the keyboard to a hidden file. This information can then be sent to a hacker.
More and more Trojan horses spread by being automatically downloaded to a user visiting a Web page containing hidden instructions, which then run unnoticed on the user’s computer. All the user sees is that they are reading a Web page. It is therefore very important for all small business users to have up-to-date antivirus programs and personal firewalls.
| Kraig Lane is the Group Product Manager for Symantec Corporation. As group product manager at Symantec, Kraig Lane is responsible for the overall management of Symantec’s consumer Internet security solutions. He works to define product objectives and strategies for Norton Personal Firewall, Norton AntiSpam, and Norton Internet Security, cornerstones of Symantec’s thriving consumer business. Lane also utilizes his vast knowledge of the Internet security space to drive the development and introduction of new solutions to tackle emerging online threats. Previously, Lane was group product manager for Symantec Client Firewall, which is Symantec’s enterprise firewall for desktop and notebook computers. |
By themselves, worms, viruses and Trojan horses can be highly damaging, but combined they can wreak even greater damage to servers, workstations, and websites. These blended threats use a combination of mechanisms to achieve wider, faster distribution and cause more serious damage. Usually they consist of a worm or Trojan horse that also exploits security loopholes in operating systems or other programs.
One of the best-known blended threats was the Nimda worm, which, in September 1999, spread to over two million servers and personal computers in a single day. Blended threats spread much more easily and faster than ordinary worms, as they require no active participation by the user. All it might take is for you to visit an infected website or for your own computer to be set to preview e-mail messages.
To counter blended threats, protection must be introduced at several levels in any small business. A threat that targets several weak points in a small business network simultaneously cannot be dealt with by a single security tool. Just having an antivirus program is no longer sufficient: Small businesses should combine antivirus, firewall, and intrusion detection technologies to put a stop to the spread of such threats.
Phishing
Phishing is a rapidly evolving phenomenon, which uses social engineering techniques to attempt to steal personal information, including bank and credit card details, via e-mail. Recently, many Internet users have been subjected to phishing attempts, when they received e-mail messages that were designed to look as though they came from legitimate organizations such as banks. These Internet conmen employ various techniques that make it impossible for people to see that the Web links they are encouraged to click on lead them to illegitimate Internet sites. Once at these sites, they are tricked into answering questions that are supposedly from the company, but that actually result in the customers disclosing confidential information on their accounts directly to the bad guys.
Spyware
As the name implies, spyware programs can scan systems or monitor activity, then relay that information back to other computers. Spyware is often installed without the user’s knowledge or consent. Spyware is used to gather information about a person or organization without the user’s consent. These small applications can monitor a user’s keystrokes, IM conversations, and e-mail messages looking for certain information. Spyware is often used to capture passwords, login details, account numbers, or other confidential information or files. It can also gather and transmit information about computer usage, such as which websites a user visits or which applications are running. Spyware can also cause your computer to run noticeably slower. This is because your computer is now working part-time for someone else.
Conclusion
You need computers and the Internet to run an efficient, modern business but strangers, employees and natural disasters can harm your business in multiple ways. To ensure you’re protected, keep up to date on what the risks are, install and maintain protective software, back up your files, and implement policies and procedures that minimize the risks to you, your employees, and your business.
Advertise | Subscribe | Contact Us | Links | Bookshelf
Start a Biz from Home | Pros & Cons of Franchising
The Right Franchise | Investigate a Biz Opportunity
101 Tips | The Perfect Name