Protecting Against Hackers

  

Some reports state that someone on the inside, such as a disgruntled employee, performs 85% of all hacks suffered by organizations. Unlike a hacker who comes in from the outside, an internal attacker already knows the systems. The employee is familiar with the resources that are available and may have a set of passwords to start hacking. He may be familiar with internal systems, and could have planted logic bombs or backdoors to assist in any attacks.

Keeping tabs in the workplace

There are applications that can be purchased to keep tabs on what employees are doing on their workstations. Managers who are aware of what the software engineer or system administrator is doing on a daily basis can keep that person from becoming a hacker. An employee who knows he is being watched would likely be hesitant to do something he shouldn't do. It is the employee who works weekends and until midnight without the manager watching who has the time to establish a hack.

Always be aware of what is being loaded onto each machine. Keep a running inventory of the programs that are installed. Check the list against some of the security sites for potential security risks. Be a minimalist when it comes to installing new programs. Only install programs from trusted and well-known vendors. Sometimes, I need to install programs to use for a month and then not re-use them for several more months. The program can be un-installed and re-installed when I need it several months later. Also monitor and be aware of what is running on the machine. If the CPU usage of a machine is maxed out when nothing should be running, something harmful could be running in the background.
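The inventory and idle-CPU checks described above can be automated. The following is an added example, not code from the book: the trusted-vendor list, the CPU threshold, the program names and the sample data are all constructed assumptions.

```python
from dataclasses import dataclass

# Assumed policy values for this example; they are not from the original text.
TRUSTED_VENDORS = {"Example Software Co", "Sample Systems Inc"}
IDLE_CPU_LIMIT = 20.0  # percent; above this on an idle machine is suspicious


@dataclass(frozen=True)
class Program:
    name: str
    version: str
    vendor: str


def audit_inventory(baseline, current):
    """Compare the recorded inventory with what is installed now."""
    base = {p.name: p for p in baseline}
    now = {p.name: p for p in current}
    return {
        "added": sorted(set(now) - set(base)),    # installed but never recorded
        "removed": sorted(set(base) - set(now)),  # recorded but no longer present
        "changed": sorted(n for n in set(base) & set(now)
                          if base[n].version != now[n].version),
        "untrusted": sorted(n for n, p in now.items()
                            if p.vendor not in TRUSTED_VENDORS),
    }


def busy_when_idle(samples, expected_idle):
    """Return (process, cpu%) pairs using CPU on a machine that should be idle."""
    if not expected_idle:
        return []
    return sorted((name, cpu) for name, cpu in samples if cpu > IDLE_CPU_LIMIT)


# Constructed sample data (not from a real system).
BASELINE = [Program("editor", "2.1", "Example Software Co"),
            Program("ftp-client", "1.0", "Sample Systems Inc"),
            Program("report-tool", "3.4", "Example Software Co")]
CURRENT = [Program("editor", "2.2", "Example Software Co"),
           Program("report-tool", "3.4", "Example Software Co"),
           Program("freegame", "0.9", "unknown")]
CPU_SAMPLES = [("report-tool", 1.5), ("freegame", 97.0)]

if __name__ == "__main__":
    for kind, names in audit_inventory(BASELINE, CURRENT).items():
        print(f"{kind}: {names}")
    print("busy while idle:", busy_when_idle(CPU_SAMPLES, expected_idle=True))
```

Anything reported as added, changed or untrusted is a candidate for the check against security sites; a program that was removed on purpose after temporary use should also be removed from the baseline.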

Isolating your suspects

If a hacker is suspected, set up a machine and account just for the hacker. Isolate the hacker into a machine that can be monitored and controlled with almost no utilities and access on it. Have the keystrokes and commands captured to log files. Isolating, monitoring, and controlling the hacker in a remote site can lead to the search and capture of the hacker. In many cases, the hacker will not know that he has been isolated, but may think that he has accessed an organization's system. Think like the hacker. Give the hacker a Trojan horse to download and find him. Because the hacker uses viral kits, sniffers, and other toolboxes where very little programming and computer knowledge is involved, the hacker may not be aware of the total damage that he may cause to a system.

Many organizations track hackers down to obtain an estimate of the damage done so that they can fix it. It might be that the hacker cannot give detailed information but can only point to a hack kit that he got on the Internet. The organization should always be aware of the hacking products and security Web sites. Several hacking sites that I visited last year no longer exist, and I am sure that any information on their tools is hard to come by. Organizations should know their systems well enough that, if they are hacked, they can assess the damage themselves and not depend on any other information.

Understanding your security system

The biggest effort that can help in securing systems is to be security aware. Many companies are aware of the latest and greatest technologies, but when asked about security, their typical response is "We have a firewall." A firewall does help if properly configured, but I have seen people answering this question and then pulling down hundreds of software packages the next time they're attacked.

There were so many programs on this person's desktop that a hard drive was added, and when asked about the origin of some of the files, the response was "Just things collected over the years. I don't know where most of it came from." Even if the person was very technology aware, security should also be a big consideration. Some of the programs could be malicious without the person knowing. The suggestion was to compress and back up all of the files to a CD-ROM and later retrieve the files only when necessary. When considering security, be a minimalist with downloading and using programs of unknown origin. There may or may not have been malicious programs on this person's desktop. Usually, the only time that a hack is found is when it affects a system and it starts to cost money.

Hiring an expert

The biggest advantage that an organization could have is having security requirements established by a security expert. Many organizations give the security requirements to a business analyst who lacks the background to understand security issues. The security expert will always ensure that chances of a security risk are avoided. Security consciousness is, in many ways, just a frame of mind. Just as a person is motivated to learn new technology, so there is a frame of mind for someone who wants to learn new security techniques. In the security plan, have tiger teams test the organization's systems and plan to revisit the security needs of the organization at regular intervals. Have a designated security administrator visit the advisories of applications and operating systems found at www.cert.org/advisories.

Cross-Reference  

Chapter 21 discusses how to protect your system and unused ports against hackers.

  


Java Security Solutions
ISBN: 0764549286
EAN: 2147483647
Year: 2001
Pages: 222
