Summary


The main messages of this chapter are as follows:

  • The Internet security threat is real.

  • Attacks are on the increase.

  • Attack tools are easy to acquire and are sophisticated.

  • Being attacked is costly.

  • Never underestimate the intelligence or resolve of a hacker.

  • You can defend against attacks.

According to CERT/CC, hundreds of security incidents occur every day. Depending on the severity of the attack, an attack on a business might cost a substantial amount of money in lost revenue and recovery operations, in addition to intangible costs such as losing customers, partners, and investor confidence.

CERT/CC also indicates that security incidents are on the rise. The increase year over year for the past five years is approximately 100 percent. This increase indicates that if you have devices connected to the Internet, your chances of being attacked are increasing each year.

Attack tools are available on several hundred sites on the Internet. To obtain tools, someone just needs to go to one of these sites and download the tool, just like you would any freely available piece of software.

These downloadable tools are sophisticated. With these tools, hackers can gain administrative access to your system, enabling them to do anything on a system that you would be able to do as a local administrator. This access includes reading e-mail, sending e-mail, looking at or stealing important data, copying files to their own machine, setting usernames and passwords, deleting files, scanning keyboards, and many other malicious activities. In addition, more-focused tools might be used to sniff your network looking for usernames and passwords for websites or local network resources. Remember that these tools can also steal usernames and passwords (even SSL-protected usernames and passwords).

The cost of being attacked can be high. Some costs can be readily valued; these are called tangible costs. Other costs are difficult to value but could be devastating to a business; these are called intangible costs. Tangible costs include things such as loss of revenue and the administrative cost to recover from an attack. Intangible costs include the loss of business you might incur if customers find out that their information, such as credit card numbers or social security numbers, has fallen into dangerous hands, or the loss of shareholders who are no longer willing to own your stock because an attacker compromised your engineering secrets and sold them to a competitor.

Although some hackers attack for profit and fun, others do it to further the security awareness in the industry. Either way, they are capable individuals; don't underestimate their knowledge or resolve. You only need to attend a security conference to see firsthand that these people are highly intelligent and motivated. The one thing a business has going for it is that many hackers, generally speaking, look for easy-to-exploit systems, and with millions of computers on the Internet, hackers have an easy job finding vulnerable systems. Deploying effective security reduces your chances of attack.

The most important thing to remember from this chapter is that you can defend against Internet attacks. The ASA/PIX Security Appliance, the Adaptive Security Device Manager (ASDM), and the Cisco Security Agent make it possible to build a security system that is difficult, if not impossible, for the average hacker to exploit. You will read more about these technologies in the subsequent chapters of this book.



Securing Your Business with Cisco ASA and PIX Firewalls
ISBN: 1587052148
EAN: 2147483647
Year: 2006
Pages: 120
Authors: Greg Abelar
