
IT threat landscape explained

Cyberoam : 05 November, 2008  (Technical Article)
Harish Chib of Cyberoam gives an explanation of the various cyber crime threats that exist and how to avoid them
Cybercrime refers to criminal offences committed with the aid of communication devices, usually over the Internet. Anyone with a smattering of online knowledge should know something about some of these online dangers, even if they don't fully understand them.

The general public has been well advised not to respond to spam, not to open emails from unknown contacts, and only to shop on sites with a trusted certificate or secure server. The corporate user sometimes signs an IT policy explaining security protocols, and if they are IT staff then they pick up safety knowledge on the job.

Worryingly though, many workers in the office environment just don't pay any attention to security because of a false sense of confidence brought on by the knowledge that 'someone' is protecting them.

Sometimes it seems like workers use corporate IT just like the company workstation was their own home PC. Surveys have found that the internet is enmeshed in people's working lives, with 46 per cent of British workers who have internet access at work conducting online banking, and 19 per cent using social networking sites such as MySpace and Facebook. Instant messaging (18 per cent), file sharing (13 per cent) and downloading of media files such as MP3s (ten per cent) are also worryingly popular[1].

This kind of use opens the network to whatever harmful and malicious code may be embedded in illegally downloaded content, attached to humorous emails or inserted into popular legitimate sites by hackers.

Even a casual IT user has heard of the following threats, but may not understand how they work.

Hacking: the unauthorized remote computer break-in via a communication network by persons with malicious intent. Hackers attempt to gain access to your computers for their own, criminal, ends.

Phishing: the fraudulent practice of sending emails purporting to come from a genuine company operating on the Internet, in an attempt to trick customers of that company into disclosing private information. Phishers want to steal from you.

Spam: also known as bulk e-mail or junk e-mail, spam involves nearly identical messages sent to numerous recipients. Spammers either want to get you to buy something, insert a virus onto your computer or get your information to steal from you.

Viruses: a virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. A computer virus behaves in a way similar to a biological virus, causing damage.

Security solutions to these problems fall into two camps, social and technical.


Firstly, someone needs to take responsibility for security; not just the IT staff as a group, but a single person or persons who must bear that responsibility.

Secondly, all users must be made to sign an acceptable use policy and understand the reasons behind it. By detailing what is and is not acceptable on company computers, users can be taught best practices.

Thirdly, those infringing the IT policy need to be educated or disciplined depending on the nature of the infraction and the seriousness of any security breach. This should not be ignored as bad behaviours quickly become ingrained and could lead to an escalating level of risk for the organisation.


The variety of threats in the malware ecosystem demands users make use of a variety of countermeasures. Organisations use antivirus, anti-spam, firewalls, virtual private networks, encryption, intrusion prevention and even web application filters.

Each technology guards against a specific threat, and all need to be kept up to date fanatically to stop ever-evolving threats breaking through your defences.

Many organisations find the ideal solution for time effectiveness and value is a unified threat management (UTM) appliance which combines best of breed technologies across every facet of security in one easy to manage device. Such devices can be configured easily and simply for organisations of any size and complexity.

The insider threat:

Most defences are outward facing and focus understandably and sensibly on incoming threats like virus laden email attachments, attempted entry by hackers and the floods of spam that we all receive each day. This makes good sense as we are all conditioned to look 'beyond the walls' to threats.

However, more and more organisations are becoming aware, often painfully, that modern threats are more likely to originate from within the corporate firewall. Many of these are not as malicious as outsider threats, often being born out of carelessness rather than a desire to cause security breaches for profit.

An organisation can secure itself in one of two ways from this kind of behaviour. The first is the easy but easily circumvented method of blocking websites and password protecting user accounts and files. This 'ticks the box' for securing systems at many organisations but does not stop advanced users getting around piecemeal approaches.

Most technological solutions are not able to defend against determined insider threats because that is not what they were set up for. A UTM appliance featuring identity management offers a comprehensive solution which guards against threats from without and within the firewall by monitoring and supporting users rather than a general IP address.

Top pitfalls and measures to avoid becoming a cyber-victim:

1 Thinking that 'someone' is looking after me, that nothing harmful will happen: Always be on your guard and notify co-workers when they misuse IT.

2 Using peer-to-peer filesharing at work is avoiding the virus scanner:
P2P software just opens up the corporate network and allows anything to come through, including malicious code.

3 Spam is NOT a nuisance:
Spam is a tool used by cyber-criminals to target both individuals and businesses with the objective of stealing data, money or infecting a computer. Treat each item like a live barrel of toxic waste.

4 Don't set and forget your policies:
Review them and ask users how the IT policies affect their working practices for good or ill. Feedback will enable the CIO or IT department to refine and improve to enable workers to use IT in the best way for the organisation.

Caution and prevention will enable most organisations to steer clear of danger; the important thing is to inculcate the correct mindset in users and ensure that administrators cover all bases and update their protection as soon as fresh security becomes available. Looking ahead, insider threat protection will play a crucial role in securing networks of the future. Watch this space…