Skip to main content
Uncategorised

Beware the Enemy Within – Internal IT Threats to Business

By 8th February 2017No Comments

While few can argue against the dangers of malicious email attachments, security attacks inside the organisation have become significantly more sophisticated. Whether it is an employee who does not understand good security principles or tools that prey on people’s gullibility, protection is vital in this digital age. Below, I look at the nine most common threats that can compromise the internal security of your organisation.

  1. USB devices

The humble flash drive poses a significant risk to the business. Infecting your network can be as easy as a visitor giving a service pitch on the boardroom PC using a presentation from a USB stick.

Another example is how a security firm loaded 20 USB drives with password-stealing malware and scattered them in the parking lot and other likely locations outside a target company. Fifteen of the drives were found by employees, who plugged them in to see what was on them. It only took a few hours for the security firm to get a steady stream of passwords and other critical data.

Unfortunately, USB device protection under Windows is pretty limited. Basically, you can only enable or disable a USB on a system. But since this is the default peripheral connection for Windows, it does not make practical sense. Fortunately, third-party software such as Sophos, Devicelock, and Promisec remove this restriction and offer policy-based management for USB devices.

  1. Peer-to-Peer (P2P) file-sharing

Although unauthorised file-sharing programmes are often forbidden by company policy, many businesses are not even aware that staff have these applications installed on their computers.

An example of such an application is BitTorrent (or any other torrent software for that matter). Cyber-criminals have started using these P2P programmes to compromise and take over networked computers. And then there is the small matter of P2P being one of the primary methods of illegally distributing copyrighted material. Imagine the cost (and embarrassment) of the authorities knocking on your door after John in accounting downloaded the latest episode of Game of Thrones.

  1. Anti-virus problems

The major anti-virus vendors release anything from 1,200 to 2,400 updates per week. Let that number sink in for a bit. Scarily, this does not necessarily match the number of new viruses hitting the internet.

Clearly, it is vital to keep your anti-virus current with the latest patches. This is particularly true because one infection strategy used by malicious users is to infect as many computers as possible in the shortest amount of time before a patch can be made available. For example, on 19 July, 2001, the Code Red worm infected 359 000 computers in 14 hours.

  1. Outdated Microsoft Service Packs

Similar to the importance of installing the latest anti-virus updates, businesses that run on Windows need to ensure that the latest patches are downloaded and installed on all network machines.

The larger the organisation, the more challenging it becomes to guarantee that this is done. And that is not even examining the myriad of smartphones and tablets connecting to the corporate network. It seems a case of when rather than if a breach will occur.

  1. Missing security agents

No, these are not the bloody agents you are thinking of. Many companies require agents to be installed on all their endpoints (essentially any networked device).

These agents may monitor network traffic, make sure patches are up to date, or track and report on stolen computers. However, requiring such agents and actually having them installed are two different things.

  1. Unauthorised remote control software

Remote control software is invaluable for troubleshooting hardware and software. But then so unauthorised remote control becomes a great tool for malicious users who see it as the perfect way into a corporate computer.

  1. Media files

Anybody remember all those Anna Kournikova emails doing the rounds many years ago promising all sorts of photo and video content of the tennis star? The names of the celebrities might have changed but unauthorised media files still remain dangerous both because of their content and what can be hidden in them.

Video and music files are an increasingly popular method of sneaking malware into an organisation – spyware, Trojans, viruses and just about any other kind of bad thing you can think of.

As with file-sharing, even if the files do not contain any embedded malicious code, you still have the small matter of copyright violations and distribution of pornography to think of.

  1. Unsecured synchronisation software

Laptops, tablets, and smartphones use synchronisation software to keep information such as calendars and contact lists updated. While convenient, especially when combined with technologies like Wi-Fi or Bluetooth, simply allowing any device to synchronise over the network can open a serious security hole.

This is more so the case given how many of these programmes work in the background with the user not even aware of what is being uploaded or downloaded.

  1. Wireless connectivity

Recent research shows that almost 95 percent of all laptops ship with built-in wireless access. Again, while it might be convenient to have a wireless network in your office, the more secure route is to limit connectivity to physically having to plug devices into network points.

Generally, the recommended strategy is to control the threats rather than trying to totally eliminate them (because realistically you will never be able to do that). While some of the threats to endpoint security can be eliminated from corporate networks, others (think wireless and USB devices) are important for the modern business. Mitigating risks to the practicality of security should provide a good starting point to protect your organisation.

Leave a Reply