ad info

CNN.com
 MAIN PAGE
 WORLD
 ASIANOW
 U.S.
 LOCAL
 POLITICS
 WEATHER
 BUSINESS
 SPORTS
 TECHNOLOGY
   computing
   personal technology
   space
 NATURE
 ENTERTAINMENT
 BOOKS
 TRAVEL
 FOOD
 HEALTH
 STYLE
 IN-DEPTH

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

  CNN WEB SITES:
CNN Websites
 TIME INC. SITES:
 MORE SERVICES:
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines
 pointcast
 pagenet

 DISCUSSION:
 message boards
 chat
 feedback

 SITE GUIDES:
 help
 contents
 search

 FASTER ACCESS:
 europe
 japan

 WEB SERVICES:
Computing

From...

Do you know if you've been hacked?

July 7, 1998
Web posted at: 3:06 PM EDT

by Laura DiDio

(IDG) -- The average corporate network is attacked by hackers 12 to 15 times each year, according to a survey by the Computer Security Institute and the FBI.

Of the 563 users polled, 73% said hackers had penetrated their networks. But 18% said they had no idea if, or how often, their systems had been invaded.

In response, many security consulting firms are training their clients to recognize the tell-tale signs of a system or network invasion.

In some companies, up to 98% of attacks go undetect-ed, according to the Defense Information Systems Agency (DISA) in Washington. Even in security-conscious government agencies, more than 70% of the test hacks DISA conducted went undetected.

Attacks such as E-mail bombs and viruses are obvious, but few companies can detect a logical attack -- a planned invasion of the network, according to Winn Schwartau, a partner at The Security Experts, Inc. in Seminole, Fla. The consultancy attacks the networks of its clients to find security holes. "In the last six years, we've performed about 2,300 sanctioned hacks for our clients, and we've only failed to penetrate the networks twice," Schwartau said.

Gary Loveland, a partner at Price Waterhouse LLP's Information Security Risk Management Group in Los Angeles, said there are several obvious things to look for. They include unknown accounts added to the system and file server, an excessive number of log-on failures and dial-in attempts, any unexpected system or network crashes, unauthorized changes to system software and system files or high system activity when no users are logged on, especially during off-peak usage hours.

"Once they've successfully penetrated your system, hackers frequently create accounts for themselves so they can continue to get back in. And they typically will also attempt to give themselves administrator-level backdoor access into the network," Loveland said.

 MORE COMPUTING INTELLIGENCE
  IDG.net home page
  Computerworld's home page
  Computerworld "Emmerce"
  Industry Standard daily Media Grok
 Reviews & in-depth info at IDG.net
  IDG.net's personal news page
  Questions about computers? Let IDG.net's editors help you
  Search IDG.net in 12 languages
 News Radio
  Computerworld Minute audio news for managers
  PC World News Radio
     
Bob McKee, director of information management security at The Hartford Insurance Co. in Hartford, Conn., said his firm has a "very formal" set of policies and procedures and makes those policies a part of every new employee's orientation. On the product side, The Hartford proactively monitors and tracks all network activity via a series of firewalls and intrusion detection and auditing packages that can detect "attacks in progress."

McKee's group of 22 security managers also performs regularly scheduled audit and inventory checks and maintains strict password controls.

For further protection, the company has established a demilitarized zone for its World Wide Web servers to effectively isolate the corporate networks from the Internet. "There is no such thing as being too alert or vigilant," McKee said.

"If you don't have at least a basic detection mechanism, [for example] audit trails, intrusion detection, behavioral anomaly detection, you'll never know if your systems are hit," Schwartau said.

Related CNN Interactive stories:
Latest Headlines

Today on CNN

Related IDG.net stories:

Note: Pages will open in a new browser window Related sites:

External sites are not
endorsed by CNN Interactive

SEARCH CNN.com
Enter keyword(s)   go    help

   
 

Back to the top
© 2000 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.