Last week was the worst week in history for data breach notifications – and those breaches were just the tip of a massive increase in cyber crime from organised groups in Eastern Europe and Asia.
So says Stephen Northcutt, who is working towards the SANS Network Security 2006 event, being staged in Las Vegas from October 1 to 9.
“Government contractors and government sites in most developed countries are facing an increasingly tenacious, constant barrage of cyber attacks. Financial losses reported by banks are up 450% from the first half of 2005. The losses are so great that bank CEOs are getting personally involved in monitoring progress in fighting back.”
Making all of this worse is a new level of attack tools. “One of the worst is the Blue Pill which exploits features of widely-used new AMD processors,” explains Northcutt. “It creates a practically undetectable rootkit as a virtual machine hypervisor, subverting a system at an extremely deep level, far below the operating system itself.”
His observation is that all this is happening while the people responsible for security in their organisations are probably falling behind on the technical skills needed to identify and block the attacks – hence the pitch to go to the event.
For UK companies not able to make the trip, the immediate focus should be on getting signed up for updates on at least the following: hacker techniques, exploits and incident handling; perimeter protection; intrusion detection; system forensics, investigation and response; and assessing and securing wireless networks.