Fabio Ghioni - Corporate Defence Against Dynamic Attackers

Corporate Defence Against is where the real danger lies. If, Dynamic Attackers for instance, they find a new way to hack into a company’s new Author: Fabio Ghioni wireless network, they can do all Company: Telecom Italia Group kinds of damage. For this reason, it is necessary that any hardware Address: Via Torino, 2, Milan, Italy that is implemented has to be se- Phone: +39 02 8595 5616 cured and protected in a proactive E-mail: fabio.ghioni@telecomitalia.it and continuous manner. Introduction New Technology and its Consequences Pervasive technology is becoming fashionable as well as useful. Technology keeps evolving and Everything you buy seems to have becoming more sophisticated. a communicating computer in it. Nowadays you can find an “intelli- Even the latest running shoes. gent” microchip in just about What the writers of Star Trek, anything you buy, from the key fourty years ago, prospected for ring for your house keys (that the 23rd Century, has become real- rings if you can’t find it in your ity in the 21st. Captain Kirk and bag) to the shoes on your feet Mr. Spock talked through wireless (the latest running shoes from ear/mouthpieces (the communi- Adidas sense the vibrations from cators), looked at the Universe on the ground, and adapt the sole of mega-screens, accessed data at the shoe so as to absorb them). In the touch of a button or with vocal the office everything is connected, commands. It has nearly all come you can make calls from your pc, true. We have Bluetooth ear- using the address book in your pieces, Smartphones, touch mobile phone, you can track a screens, plasma mega-screens courier package in real time, it has and an infinite number of other a RFID tags attached, from the electronic utilities that are all con- moment it leaves your hand to the nectable to create an ubiquitous moment it reaches its destination. network. All this technology is wonderful, Though all this technology can be even if it does sometimes seem a considered helpful in the chaotic little invasive. One of the greatest and stressful world we live in, the apparent advantages of the latest dangers of this technology trend innovations is the fact that they have to be seriously considered. occupy less and less space. The As it is well known, as soon as a first IBM mainframes occupied en- new product is launched on the tire rooms and had very limited market, the hackers and crackers capabilities. The latest laptops can bend it until it breaks and they be carried in a hand bag and come won’t be happy until they find all with a minimum of about 40-60 its breaking points. Not satisfied, Gb of memory, they connect to they will invent all kinds of reme- everything and anything (WiFi dies for the wounded toy and this networks have allowed man to

take an enormous step forward in with one or more individuals, in this respect). You can link up to order to communicate in real time your e-mail from the airport and in over the Internet. Until not so long certain cities around the world ago IM was used at home but, (where the WiFi network is suffi- over the last two years, it has ciently disseminated), even from gradually been adopted in the your taxi or supermarket. work environment, with or without companies’ placet. This also One of the greatest issues related means that corporate security to this new technology is privacy policies may or may not be pre- in conjunction with security. sent. Whenever an element is added to a corporate network or is adopted This rapid adoption of corporate by a private individual, it must IM is changing the nature of com- comply with either corporate poli- munications at work. Corporate cies or with the individual’s con- users find the interactive nature of cept of data protection and pri- IM communication particularly vacy. Furthermore, security man- useful for open collaborative dis- agers must endeavour to do eve- cussions. Yet, with all its benefits, rything possible to ensure that the IM offers a unique challenge to the network in toto and the individual corporate security manager. Initial media are resilient to possible ma- attempts by corporate security de- licious attacks from the outside. partments to ban or limit its use With regards to new media, such have been met with user as “Mobile Always On” computers pushback. For many organizations, and palm pc/phones (that allow IM is now a low cost productivity you to receive SMS, e-mails IMs and collaborative tool that is inte- on your phone with all kinds of gral to the work environment. The audio/video attachments), this reality is that corporate IM is here means that every effort must be to stay and security managers made to screen them from attacks must learn to deal with its impli- when they connect to the network cations. from remote locations. The users of these media must also be aware There are a few noteworthy rea- of the added risks of WiFi technol- sons for which IM in a corporate ogy and must take precautions environment poses such a large such as encrypting sensitive data security issue. Firstly, today’s ex- stored on the media. tended IM functionality opens the corporate to a wide variety of threats. Unlike the purely text- based IM transmissions of five Corporate and Real Time years ago, IM users today may Instant Messaging link audio, video and file attachments to message transmissions. Another ubiquitous technology is As such, IM may be exploited as a taking over corporate communica- means for launching and propa- tion: Instant Messaging (IM). gating malicious attacks such as Instant Messaging is a communi- worms or trojans. Many perpe- cations service that enables you to trated attacks in the recent past create a kind of private chat room have taken advantage of e-mail as

a means of launching malicious 1. greater interest from virus writ- code. Infection is often initiated ers based on the continued when the user clicks on an at- rapid adoption of instant mes- tachment or embedded URL. With saging by corporate employees IM’s extended capability for at- for business communications, tachments as well as embedding often without knowledge of, or URLs, hackers can exploit IM in a management by, corporate IT similar fashion. organizations 2. increased perimeter security Secondly, corporate IT organiza- for other attack methods such tions are still playing catch up with as Web access and email sys- regard to secure IM policies. Many tems being installed by IT de- security teams have been slow in partments responding to this proliferation of 3. Increased sophistication of at- IM. The use of IM has thus far tacks, including published been unregulated in many organi- methods that encourage copy- zations and hence poorly man- cats, multiple mutations of ini- aged. Often, users may be running tial attacks and migration of older versions of IM clients that new threats, such as social en- could be vulnerable to exploits. In gineering and phishing to IM some cases, no patch manage- systems. ment policy is in place for IM since it is not an “official” corporate ap- Unmanaged and unauthorized use plication. Users are often unedu- of IM within corporate networks cated with regard to the risks as- presents an increasingly serious sociated with IM. Besides the risks threat to corporate security and of malicious code attachments, must be eradicated. Probably the uninitiated users may treat IM as a easiest and most simple solution is secure communication medium to implement a corporate IM pro- when in fact IM communication is gram and totally ban all the others primarily unencrypted and can be that may have been used by the read off the wire. employees. Thirdly, until now, there have been With regards to Real Time IM, new relatively few tools available for generation telephones with “Mobile monitoring and protecting IM Always On” technology allow a communication. These tools need person to continuously send and to be able to detect malicious at- receive messages in all kinds of tacks targeted toward IM clients formats (as discussed previously). and servers. As IM becomes more On a corporate level, this can business critical and widely used, cause several problems, even if a vulnerabilities are being discov- company allows IM with a policy ered on a regular basis and the approved program, a person that number of security infringements has a new generation mobile is increasing exponentially. phone that also links into to the corporate network, can inadver- The increase in security threats tently act as a bridge for malicious can be attributed to three major attacks to the network. It is, areas: therefore, essential that employees and collaborators (ie. Consult-

ants) are aware of the risks that they themselves run as well as of the damage they can cause to the corporate network with the incau- tious use of technology media. Conclusions As technology develops and changes, we have to follow it at the same pace. Security measures that protect the users and the owners of the new media from malicious attacks by cyber crimi- nals, that are almost as dynamic as the evolution of the technology they attack, have to be adopted. To do so, corporations have to in- vest time and money in security awareness and defence measures. The latter have to be resilient in so much that they have to withstand even the most brutal attack, but they must also be sufficiently flexible to be modified in time as the nature of the attacks morph and as the components of the network change and evolve.

Fabio Ghioni - Corporate Defence Against Dynamic Attackers

by Fabio Ghioni on Jul 06, 2009

Accessibility

Categories

Tags

Upload Details

Usage Rights

Statistics

Fabio Ghioni - Corporate Defence Against Dynamic Attackers — Document Transcript