As an outsource security partner BAI provides managed security, managed firewall, managed ids, content filtering, internet security, network security, penetration testing, and vulnerability testing.

managed ids, content filtering, outsource security, vulnerability testing, internet security, managed intrusion detection, managed firewall, security audit, penetration testing, network security, information security, managed security, Firewall Notification, Voice Over IP, Fixed Costs, Security, Auditing, Reporting, Policy, Monitoring, Networks, Protection

  BAI Security works with internal IT teams to provide firewall and IDS management, content filtering, custom threat alerts, Internet and network security and penetration and vulnerability testing.BAI Security works with internal IT teams to provide firewall and IDS management, content filtering, custom threat alerts, Internet and network security and penetration and vulnerability testing.  
  ServicesAbout UsPartnersNewsContact  
   
 
 
Articles & Press Releases

What You Should Know About Hackers

September 2, 2002
By Michael Bruck

Q: Lately, I've heard a lot about information security problems. What do I need to know about hackers?

A: The world of hacking is becoming stronger each day. In fact, statistics on security breaches, which are restated daily, are on the rise--and those figures only include those companies that report security breaches.

It seems like every time a new software product is developed, a new hacker is born. This remains the case, even after months of security testing. Most security holes in software are not found by software makers, but by independent users or hackers.

The problem has become so prevalent that the U.S. government now sponsors "hacking conferences." Government-funded computer research facilities have identified thousands of vulnerabilities in computer software over the past year. The government runs programs and then asks hackers to find vulnerabilities. One of the rules is that hackers must be responsible and report programming mistakes.

Then there's Black Hat, a conference and program sponsored by PricewaterhouseCoopers, Microsoft and other companies. It consists of two days of presentations that show attendees how to break into and protect computer networks. The presenters are often professional hackers.

Hacking has become so widespread that "hacker communities" are all over the Internet. Here, hackers commonly share their findings with others in their community. They like to brag, share stories, learn off each other and generally bask in the limelight of what they're doing.

Unfortunately, hackers are everywhere. One expert recently warned the government and companies about vulnerabilities in cheap and simple wireless networks, which have become popular in businesses and homes. In fact, most wireless networking products are extremely easy to break into, and they're sold with almost no security options enabled. The networks exist within companies as well, inviting even the most amateur of hackers to break in. On the consumer front, millions of households are getting connected and therefore becoming vulnerable to online crime. It's kind of like leaving the bank door open all night without a lock.

The first step to protecting yourself is to understand your enemy. What motivates a hacker? Consider the following:

  • Disgruntled employees wrecking havoc upon their employers as a last desperate act of revenge: This is no surprise, given all the statistics that show that the highest percentage of hacking comes from within companies. According to a PricewaterhouseCoopers survey, 58 percent of companies surveyed reported authorized users and employees as the source of a security breach or corporate espionage act within the past year, while 35 percent said the sources of attack were unknown. All other statistics and surveys substantiate this, with figures regularly exceeding 50 percent.

     

  • To disrupt a network or to shut it down completely (known as a denial of service attack): One such incident occurred in 2000 when eBay, Amazon.com, Datek and other high-profile sites were hit with a denial of service attack. Security and government officials considered it a "meltdown" of the Internet.

     

  • Financial gain: This includes the theft of customer data, corporate trade secrets, competitive information or actual money.

     

  • Data destruction: creating the loss of data on a Web site and intercepting the data flowing from or to a Web site, whether this data is encrypted or not. This includes the rerouting of data intended for a particular site or overloading a site with data not intended for it, thus crippling the server and rendering a site useless.

     

  • Unauthorized altering or downloading: Refers to the inappropriate use of data, whether copying or updating, by someone without the proper security rights. This of course was made famous in the movie Mission: Impossible.

     

  • Unauthorized transactions: any use of a Web site by someone without approval.

     

  • Unauthorized disclosure: viewing data without the appropriate permissions.

Only when you familiarize yourself with a hacker's motivations can you sufficiently begin to protect your information systems.

 

Find out how the professionals at BAI Security can help you secure your business. Contact Us Today »

 

Sign up Now!
 
 

    © 1995-2010BAI Security Inc. All Rights Reserved. Privacy Policy | Sitemap