What is Your Strategy?

Communication between employees and customers has been revolutionized. Companies thrive on the benefits of doing business via computer networks. Data storage and retrieval can be done in seconds. On-line transactions are popular because they are easy and save time.

Networks are an incredibly valuable asset but they also carry a potentially business-threatening liability because they can be breached. Your network security can be tested by many unknown sources. Whether it's a rebel who creates a virus just to prove they can, or a Trojan horse developed by an unscrupulous competitor to bring your system down.

Viruses spread quickly at the workplace. According to ICSA.net's sixth annual virus tracking study, the number of companies reporting computer virus infections rose by more than 20 percent during the past 12 months in 2002. Two-thirds of the 850,000 company PCs that ICSA.net polled had experienced file problems caused by viruses during the past 12 months, compared to 50 percent during the prior year.

According to ICSA.net, forty percent of the companies interviewed actually lost data in the past year--a 23 percent increase from the previous year. The price of virus infection is also rising to a high clean-up cost of between $100,000 and $1 million per company per year.

Computer Economics estimates that virus infections will cost all companies a total of about $17 billion in ruined PCs and lost productivity before the end of this year. And that's assuming that infections remain routine and don't include another really serious outbreak like the Love Bug.

Rising costs are due to increased incidents of security breaches and the evolution of ways to get around network security. Small and medium sized companies often feel a false sense of security, thinking hackers target only large companies. Every company's network contains valuable information. Employee records, including names and addresses, social security numbers and direct deposit account numbers, to strategic company business plans, may make data more vulnerable in companies that do not employ IT security specialists to protect their network.

Viruses were the first security breaches developed. A virus is a small piece of software that is attached to a program or to a document. Whenever the program is launched or the document is opened by an unknowing user, the virus is initiated then replicated, creating copies of the virus. The damage continues unabated, unless the virus is detected. The virus damage occurs during the attack phase of the viral software.

A virus usually has a trigger, such as a specific date. Once triggered, the software may attack. Sometimes the attack is only annoying, such as a pop-up message on your screen that you can't clear. Or the viral software could attack the commands to erase your hard drive, spreadsheets or documents.

Viruses sent via e-mail usually function the same way. They spread from system to system, utilizing the Internet and the infected computer's address book, to send e-mails containing copies of the virus.

Worms can best be described as viruses that attack computers linked to a network. Worms are small pieces of software that are written to exploit security holes within a network. Once a worm has infiltrated a network, it looks for holes in computer security systems that allow it access to another machine on the network. The worm replicates itself on the computer, then scans for another machine on the network that is vulnerable due to a security hole and the process is repeated.

In January of 2003, the Slammer worm was written to seek a security hole in Microsoft's SQL server. It used one piece of software to launch an attack on the Internet. The worm directed infected machines to spam random addresses, so vulnerable networks were infected through their servers. Slammer doubled in size every 8.5 seconds and infected more than 90 percent of vulnerable hosts within 10 minutes. After infecting at least 75,000 servers, it caused network outages and unforeseen consequences including canceled airline flights, election interference and ATM failures.

Trojan Horses are software designed to masquerade as something rather harmless, like a game, video or music clip but once inside they can wreak havoc. Though a danger to networks, since launching them may corrupt data or erase information completely, Trojan horses cannot replicate.

Trojan Horses can give hackers direct access to your data. They can also initiate Denial of Service (DoS) attacks. DoS attacks caused networked computers to either abruptly disconnect from the network or just outright crash. Hackers use an overload of meaningless messages to gum up the responsiveness of a site by tying up computers on the network, similar to jamming commercial phone lines with prank calls. In February 2000, a teenager used very simple DoS tool to cripple web sites like Yahoo, eBay, Amazon and CNN.

Companies are developing managed security services for computer systems of all sizes. These include but are not restricted to virus detection, firewalls, data encryption, monitoring firewall breaches, and more. Every business needs to take network security seriously.

For more information on network security and what you can do to protect your network, contact a Time Warner Telecom Account Representative or e-mail sara.miller@twtelecom.com.

Click here for a printable version of this page.