
Protecting data beyond the perimeter.

InfoSecurity Europe : 29 February, 2008  (Technical Article)
Jim Doherty of CipherOptics explains the importance of having data protection at the heart of an IT security strategy to prevent criminals gaining access to it after it has left the perimeter defences.

When you look at the evolution of cyber crime, it is clear that day by day, businesses and consumers are facing even more serious threats to their security. Phreaking, hacking, viruses, worms, identity theft - what's next?

Before looking at what's next, we must take a look at what's now. One of the more troubling aspects of network security is that threats change well ahead of IT's ability, or sometimes willingness, to adopt new measures. First a threat emerges and then the IT community responds. By then, the bad guys are already looking for a new weakness to exploit. There may actually be hundreds or even thousands of hackers looking for new ways to penetrate perimeter defences or operating system loopholes. Once an exploitable weakness is found, the methods to take advantage of it are distributed and the race is on for IT to plug the hole.

Previously, the back-and-forth battle between hackers and IT departments was led by a group of disconnected loners on the hacker side of the fence. Typically under-resourced and by their very nature secretive, these hackers went after whatever targets of opportunity they could find. Tips, tricks and best practices were shared, but hacking was more of a social function than a directed attempt to accomplish a mission objective.

Unfortunately there is a very troubling trend emerging in cyber crime; a trend that may actually tip the scales in favor of the hackers. The hackers are uniting and forming organized groups. These groups are well funded and are staffed with large teams who may have higher skill sets than your IT department. They are likely going after a specific target and have a project plan with a goal and milestones along the way.

So who are these criminals? More importantly, what do they want and what can you do to stop them?

Organized Crime: Forget about Tony Soprano and his stranglehold on the Sanitation Workers' Union. The gangster you need to be worried about is Sergi Ivanov and his band of Romanian hackers. Over the past few years, Eastern Europe has emerged as the epicentre for identity theft. Through spear phishing, database cracking and a variety of other methods, these groups are stealing your customers' credit card numbers, social security numbers and mothers' maiden names. Stolen in bulk or one at a time, this information is sold on the black market for a high profit. There is even an eBay of sorts for stolen credit card numbers.

Outsourced IT Chop Shops: Remember those hackers we used to be worried about? A lot of them were teenagers operating out of their parents' houses. Well, they grew up. Some of them never got the hang of the nine-to-five job, but they have bills to pay now. Why not just use the skills they've acquired and get paid doing what they love to do: hacking? In fact, there's a booming economy out there for hackers for hire. These groups have their own conventions and job boards just like legitimate IT contractors. So unlike before, when these hackers would look for just any old system to hack into, now they have a specific target to hit and are being paid good money to hit that target. Worse is that they are working in teams; some may even have performance incentives built into their job contracts.

Foreign Governments: As if the idea of organized groups of hackers wasn't scary enough, there is now growing proof that some governments are in on it too. Even with all the hackers out there, some people feel safe because there are so many targets available, allowing you to "hide in the crowd." What happens, though, when a government with seemingly infinite resources at their disposal starts to monitor all the data moving across their networks? Hiding in a crowd no longer works because every last bit and byte moving across a WAN can be sniffed and stored. Pattern recognition programs can be used to weed out the data that may be valuable to someone, whether it's financial data, intellectual property or strategic plans. If Chinese hackers (assumed to be backed by the government) are able to breach the Pentagon's network, it's a good bet that they are sniffing packets on China's Telecom networks too.

The really bad news in all of this is that most companies still don't get what these hacker groups are after - and because of this, they make it easy for the hackers to retrieve the sensitive data. Companies are just about handing over the data on a silver platter.

The hackers don't care about taking down your network or disrupting your e-commerce solutions. In fact, they want your network to be up and running because when it is, you are moving data around on it, lots and lots of data, which is exactly what they are after. Your data is worth money. Your data is what they want.

"But I have data protection solutions installed," you say. "I have IDS and firewalls," you shout. And the hackers smile because they won't bother breaching your network (unless you leave the door wide open). No, instead they will monitor the WANs and wait patiently for you to send the data beyond the firewall and other perimeter-based defences; over the service provider network you think is secure; and then maybe even over the Telecom system, where the hackers have an inside guy or which they even own outright. Ultimately, the data arrives at the destination and gets safely brought behind another set of perimeter defences. The data is all there on the receiving end so nobody has stolen it, right? Wrong. As soon as the data leaves your perimeter, criminals can siphon it right out of your hands. If you are not protecting your data "between the rings," that is, as it moves between the various perimeter defences you have set up on all your LANs, then you might as well just send the criminals a disk with the data on it. It would save them a step, which they would surely appreciate.

The first thing that any IT group can and should do is to recognize that these criminal groups are after data, not the network. Therefore, any and every security strategy should have data protection as its primary purpose. Firewalls only keep people off your LAN and for the most part can easily be breached. IDS systems do not protect your data; they just let you know when the rest of your security solutions have failed.

IT groups can get ahead of the game and break the cat-and-mouse cycle by adopting proactive security measures. If your security solutions are set up to alert you in the event of a breach, it's already too late. Organizations should deploy solutions that keep the bad guys from getting your data in the first place.

Encryption is especially effective here because even when hackers get access to the data stream (and you never really know when they do, especially "between the rings"), the data is useless and worth nothing. The best protection you can ever have from data thieves is to have nothing they can profit from. You have two choices: stop moving data around or encrypt it.

Jim Doherty is the chief marketing officer of CipherOptics, a Raleigh, N.C.-based network-wide encryption solutions provider. Offering an innovative policy and key management solution, coupled with high speed, low latency encryption technology, CipherOptics helps its customers mitigate the risk of data leakage, loss and theft over any network.

CipherOptics is exhibiting at Infosecurity Europe 2008, Europe's number one dedicated Information security event. Now in its 13th year, the show continues to provide an unrivalled education programme, new products & services, over 300 exhibitors and 11,700 visitors from every segment of the industry. Held on the 22nd - 24th April 2008 in the Grand Hall, Olympia, this is a must attend event for all professionals involved in Information Security.