Worms, Viruses and DoS, Oh My!
The Internet has opened up a whole new world of opportunity
and risk for business and home users. In some cases, we are introduced to these
risks on the nightly news or the front page of the newspaper. Unfortunately,
these attacks continue even when they are not front page news. As we try
to classify and understand these risks, they are often given names borrowed
from medical jargon, a dramatization of how these events can make
your computer or corporate data center very sick.
Worms. A worm is a software program that
propagates, by itself, across a network. It executes on a system without human
intervention, and typically spends its time scanning for other systems that are
vulnerable. It can enter your system by exploiting bugs or
overlooked features in commonly used software programs. Worms often exist
purely in memory, avoiding the file system, which makes them invisible to
file-scanning antivirus software.
Worms get a lot of press and seem to have clever names.
Some of the worms that have made the evening news include Nimda, LoveLetter and
Slapper.
Expect to see new “Super” Worms on the horizon. The coming
breed of super worms will spread faster and cause a larger wake of damage over
the next five years. These super worms will use zero-day exploits to
simultaneously target multiple operating systems which will leave little time to
detect, respond and recover from their effects.
Viruses. Viruses can hide and replicate
themselves in a computer’s file system. They typically depend on human
intervention and interaction in order to spread or even become active. To
trigger an infection, the virus must attach itself to a file that is executed on
the system. Once enabled, viruses copy themselves into essential
system files, making them hard to remove. Most viruses reside in memory and
actively attempt to infect other programs.
Perhaps you have played a role in spreading a virus
yourself. Most viruses spread by tricking the user into running a program, most
commonly sent as an attachment via email. In fact, over 85% of viruses spread
via email. Many companies and home users have deployed Antivirus software on
the desktop, but the real cure for corporations is to deploy Antivirus on the
desktop and on their mail and file servers.
You might remember these viruses in the news: Klez,
Jerusalem, Concept, Melissa, Love Bug. Remember to keep your Antivirus software
up-to-date.
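The article's advice to put Antivirus on the mail server rather than only on the desktop comes down to screening attachments before a user can be tricked into running them. The following is an added illustration, not code from the original article: a small mail-gateway check that parses a constructed message and holds attachments that carry an executable extension (including the double-extension trick) or that start with the "MZ" header of a Windows executable while posing as a document. The sample message, the extension list and the verdict format are all constructed for this example.

```python
"""Mail-gateway attachment screening (added example, not from the article)."""
import email
import os
from email import policy
from email.message import EmailMessage

# Extensions Windows runs as programs when double-clicked.
# Constructed list for the example; a production filter keeps a broader,
# maintained set and usually blocks archives containing these as well.
EXECUTABLE_EXTENSIONS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}


def build_sample_message():
    """Constructed message shaped like a classic mass-mailer: a friendly
    subject line, an executable hidden behind a double extension, a Windows
    executable renamed to look like a PDF, and one harmless text file."""
    msg = EmailMessage()
    msg["From"] = "friend@example.net"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Check this out"
    msg.set_content("Open the attachment :-)")
    # "MZ" is the first two bytes of every Windows executable (DOS stub header).
    msg.add_attachment(b"MZ\x90\x00", maintype="application",
                       subtype="octet-stream", filename="photo.jpg.exe")
    msg.add_attachment(b"MZ\x90\x00", maintype="application",
                       subtype="pdf", filename="invoice.pdf")
    msg.add_attachment(b"hello", maintype="text",
                       subtype="plain", filename="notes.txt")
    return msg.as_bytes()


def screen_attachments(raw_message):
    """Return [(filename, reason), ...] for attachments the gateway should hold.

    Two checks: the declared name's final extension, which catches
    "photo.jpg.exe", and the first bytes of the decoded payload, which
    catches an executable renamed to a document extension.
    """
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        ext = os.path.splitext(name)[1].lower()
        payload = part.get_payload(decode=True) or b""
        if ext in EXECUTABLE_EXTENSIONS:
            findings.append((name, f"executable extension {ext}"))
        elif payload[:2] == b"MZ":
            findings.append((name, "Windows executable header under a non-executable name"))
    return findings


if __name__ == "__main__":
    for filename, reason in screen_attachments(build_sample_message()):
        print(f"HOLD {filename}: {reason}")
```

The extension check is what most gateway policies of the period implemented; the header check is why scanning content rather than names matters, since renaming a file defeats the first check but not the second.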
Denial of Service (DoS). Denial of Service
attacks are designed to bring down a network or corporate web site by flooding
it with large amounts of traffic or hits to the web site. These attacks send
“specifically crafted” packets that crash remote software and services running
on the web server. This is generally accomplished by sending a high volume of
useless packets such as SYN and PING requests to the web server. Most
Firewalls and Intrusion Detection Systems (IDS) will recognize these attacks and
terminate the connection before the damage is done.
This type of attack can bring down the Internet connection
which is an inconvenience with some loss of productivity to the business. To
some e-commerce and web based businesses this can mean substantial loss of
revenue and corporate reputation. The purpose of these attacks is to not
penetrate the network but to cut it off from the outside world.
Denial of Service (DoS) attacks are a huge problem. The
2001 FBI/CSI survey reported that more than 78% of respondents had experienced a DoS
attack.
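The recognition the article credits to firewalls and IDS is, at its simplest, a rate check: a source that sends far more SYN or PING requests per second than any real client ever would is flooding. The following is an added illustration, not code from the original article: a sliding-window detector run over constructed traffic records. The record format, the thresholds, the window length and the addresses (RFC 5737 documentation ranges) are all constructed for this example.

```python
"""SYN and PING flood detection over constructed traffic records
(added example, not from the article)."""
from collections import defaultdict, deque

# Constructed sample traffic: (timestamp_seconds, source_ip, packet_kind).
# Addresses come from the RFC 5737 documentation ranges; nothing here is real.
SAMPLE_PACKETS = (
    # A normal client: one SYN, and the handshake completes.
    [(0.00, "198.51.100.7", "SYN"), (0.01, "198.51.100.7", "ACK")]
    # A flooding source: 40 bare SYNs in under half a second, never completed.
    + [(0.10 + i * 0.01, "192.0.2.10", "SYN") for i in range(40)]
    # A ping flood from a second source.
    + [(0.20 + i * 0.02, "192.0.2.11", "ICMP-ECHO") for i in range(30)]
    # Another normal client later on.
    + [(2.00, "198.51.100.8", "SYN"), (2.02, "198.51.100.8", "ACK")]
)

# The request types the article names as flood traffic.
FLOOD_KINDS = {"SYN", "ICMP-ECHO"}


def detect_floods(packets, window=1.0, threshold=20):
    """Return {source_ip: first_alert_time} for every source that sends more
    than `threshold` SYN or ICMP-ECHO packets inside any `window`-second span.

    One deque of timestamps per source keeps memory bounded to the last
    `window` seconds, so the same loop works on a live stream in arrival
    order. Packets that are not flood candidates (ACK, SYN-ACK, data) are
    ignored rather than counted against the source.
    """
    recent = defaultdict(deque)   # source -> timestamps still inside the window
    alerts = {}
    for ts, src, kind in sorted(packets):
        if kind not in FLOOD_KINDS:
            continue
        q = recent[src]
        q.append(ts)
        # Expire timestamps that have fallen out of the window.
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > threshold and src not in alerts:
            alerts[src] = ts
    return alerts


if __name__ == "__main__":
    for src, when in detect_floods(SAMPLE_PACKETS).items():
        print(f"ALERT flood from {src} detected at t={when:.2f}s")
```

The threshold is the tuning knob: set it too low and a busy proxy or a monitoring probe trips it, set it too high and a slow flood stays under it. A real IDS also tracks how many of a source's SYNs were never followed by an ACK, which separates a flood from a merely chatty client.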
So what’s next? The industry is getting
ready for super worms, stealth attacks, exploits in automatic update features,
attacks against the routing and DNS infrastructure and physical terrorist
attacks. Stay tuned.