2008: Major Concerns for Network and Systems Administrators

As with any other year, in 2008 network and systems administrators will have to face challenges which will tax their ability to adequately protect corporate networks. Experience shows that maintaining and improving on security is never easy; hackers, malware creators, spammers, malicious insiders and other, mostly unpredictable, elements all add up to the factors which tend to give these network security professionals many a sleepless night.

Various 2008 threat predictions have already hit the headlines. Some mention VOIP and virtualization; others mention malware evolution and Facebook widgets that will be used to distribute malware. However, facts and figures indicate that the challenges faced in 2008 will not stem from technology itself, for by its nature technology is a neutral element that can be used in either a good or a bad way. The biggest threat for 2008 is the same threat to businesses that has been around for the last 200,000 years – the Human Being himself! Human beings, their weaknesses, fallacies and inquisitiveness can all be exploited to wreak havoc within organizations.

Human Overconfidence

History shows that we tend to rely too much on the claims that operating system vendors and business software vendors make. New systems sell themselves as being more secure and more fail-safe than their predecessors. While this is undoubtedly true, one must remember that at every release of each operating system and business software product throughout the years, vendors have all made the same claim, over and over again, year after year. This has never, however, deterred hackers and other malicious individuals from researching and executing attacks against newer systems.

A case in point is Microsoft Windows Vista, which by the end of 2007 will hit a 10% market share, with a projected 30% adoption rate expected by the end of 2008. Microsoft Windows Vista does not only equate to a new operating system; it also equates to a new user experience. While this system is much more secure than its predecessors, its users are still the same as before, and therefore they are the path of least resistance to the average network environment exploit. Through social engineering, security features such as the new user access control can be easily circumvented, duping users into installing software which is insecure or tainted with malware.

Humans’ misplaced trust

Trust should be earned and not automatically afforded. Dangers to business do not only lie outside of the business perimeter; recent history shows that insider attacks on businesses cost as much as, if not more than, attacks originating from the outside. Insiders have their own advantages, for they have an intimate knowledge of your network and its inner workings. In 2008, an ever increasing proliferation of portable storage and communication devices (iPods, USB drives, USB WiFi cards, etc.) will highly facilitate data theft, logic bombs and other forms of sabotage that can throw your business back to the Stone Age. Yet again, while it might be easy to put the blame on such devices, it’s not these devices that are at fault; once again, technology is a neutral entity. The main fault here is the use made of such devices. Banning them will simply not work: you cannot rely on voluntary compliance, supervision is too laborious, the devices can be easily concealed, and you’ll just create dissent.

Human lack of knowledge

When it comes to network security, ignorance is neither bliss nor excuse. In 2008, a lack of basic security principles and a lack of knowledge of the trends that malware, spyware, spam and other threats are taking will greatly contribute to the downfall of network security. This is most often due to a lack of time or resources to research security principles and trends, an issue that translates into a firefighting approach to network security: reacting to incidents after being hit.

This is, once again, a human issue. Malware does not evolve on its own, in a vacuum. The reason why malware evolves is greed: hackers and other malicious individuals today create targeted attacks not to create havoc but for financial gain. Targeted exploits that attempt to play on inquisitive human nature to make users click on a tainted link will become more and more commonplace. This makes them much more dangerous than ever before, making the issue of lack of knowledge even more critical. Limiting human inquisitiveness through a blanket ban on access to resources will also backfire since it will create both dissent and boredom, both of which hamper productivity.

Human gullibility

Being gullible does not only make you the butt of jokes but also exposes you to myriad network security threats. In 2008, targeted email spam will continue its evolution, with new and novel attempts to breach network defenses using social engineering. These will extend beyond email and attempt to, for example, compromise VOIP infrastructures through denial of service attacks, SIP vulnerabilities and SPIT (Spam over Internet Telephony) attacks. In 2008, an increase in the number of attacks targeted at specific individuals or businesses is also expected, and it is highly plausible that the perpetrators of such attacks will use social engineering to obtain confidential information that enables them to gain access to your systems.

As with malware, social engineering attempts at exploiting human gullibility evolve for financial gain. No one will be calling anyone up asking for passwords; more subtle methods, such as targeted attacks on social networking sites (MySpace, Facebook, etc.) where users are duped into exchanging personal information for virtual goods, empower hackers and other malicious individuals to gain unauthorized access to networks.

Conclusion

In 2008, network and security administrators will have to wear more hats than ever before and employ all sorts of defenses against attacks directed at human nature: overconfidence, trust, lack of knowledge and gullibility will all be decisive factors in how successful network security will be. More than ever before, it will be a question of managing the risks that humans pose to businesses; for even if the risks humans pose are the same risks as before, the motivation behind attacks in 2008 is changing and becoming much more dangerous. The best way to defend infrastructures from potential threats is for administrators to implement methods to:

• Monitor the user’s activity 24 x 7 x 365

• Control access to network resources

• Safeguard all the business information

• Backup all communications to, from and within the business

• Enact technological barriers that permit device use according to a clear and defined policy

• Train network resource users in both network security and information disclosure policies

In 2008, systems administrators will have to find the fine balance that suits and encourages the human inquisitive nature – without becoming the dreaded medieval Inquisitors!

GFI Software Ltd. is a leading provider of network security, content security and messaging software. For more information about GFI, visit http://www.gfi.com