About anyadmin

csdkakawppas78963
Apr 01

How to avoid failure of network security equipments deployment? (1)

The enterprise network is rapidly developing! Some of the groups began to clean up phone and tablet and refuse the internet connections from coffee shops and train connections (as a WAN link).

The concept of the extended enterprise brings about more and more severe problems to IT security portfolio, because their sensitive data and valuable data frequently flow out of the traditional network boundaries. In order to protect enterprise from the persistent threats of diverse and low-end low-speed adaptability, IT enterprises are deploying various new network security devices: the next generation of firewalls, IDS and IPS devices, security information event management (SIEM) systems and advanced threat detection system. Ideally, these systems will focus on management, following a centralized security policy, as a part of a universal protection strategy.

However, when deploying these devices, some common mistakes in enterprise will seriously affect their ability of universal protection. This article will introduce some problems which should be noted in the planning and deployment of new network security equipment, and how to avoid related problems that may lead to the failure of defense in depth.

A maximum error is assuming that the security device itself is secure. It’s apparently easy to understand, but we must insist on this footing. How secure is the so-called “enhanced” operating system? What’s its latest status? And how secure is hyper stable “Web server”?

Before starting any job, you must create a testing plan to verify all network security devices are really secure. The first is to start from some basic tests: do you timely upgrade, install patches and fix bugs on each device and their supporting network, server and storage infrastructure? In accordance with the currently known vulnerability information clearing-house you must be sure to regularly upgrade and install equipment patch.

Then, turn to aspects that are more difficult to handle: periodically assess potential weaknesses on multiple device configurations. The inappropriate dement sequence of encryption system and application delivery optimization (ADO) will also cause data leakage, even if various devices can operate properly. This process can be carried out in conjunction with penetration test.

For any safety equipment, management/control channel is most prone to have vulnerabilities. Therefore, the most important thing to note is how you need to configure and modify secure devices and who are allowed to carry out these configurations. If you are ready to access the secure system via a Web browser, the security device will run a Web server and allows Web traffic in and out. Are these flows encrypted? Whether it needs to use a standard port? Whether all the devices need to use the same port (so the intruder can easily guess)? Is it accessed by a common network or a separate management network connection? If it belongs to compile the connection, then any host that send traffics through this port may attack this device. If it’s on a managed network, you only need to worry about other devices on the network.

Best scenario is that if you can’t directly access the device, you need to ensure that all configuration changes must use encryption and multi-factor authentication. Moreover, it’s necessary to closely track and control identity information of equipment management to ensure that only authorized users can gain administrative privileges.

For more information about network and computer security information, please visit: www.kakasoft.com

Mar 24

How do individuals avoid NSA global network monitoring?

The massive surveillance data center built by NSA in Utah desert can screen and analyze most global network traffic from location, audio and video files, emails, social network and other digital documents. Of course, the organization that’s able to track our digital trail is not only NSA, at this privacy streaking era, all kinds of government agencies and commercial companies can master our words, conducts all the time. As a ordinary netizen, is there a reliable self-protective method?

Earlier this week, “Washington Post” has given five pieces of personal information security advice for escaping from NSA surveillance, including using Tor to surf the Internet, using Silent Circle to call. In fact, the Internet personal privacy problems are not limited to the NSA surveillance, in the past several years, the Chinese Internet companies user accounts massive disclosure and the threats to personal privacy and finance from Android phones’ malicious apps make customer privacy self-protective measures imperative.

At the age of anti-virus software is all free and invalid, everyone should understand the skills about personal privacy protection.

1. Use Firefox encryption plugin Tor to anonymously browse

To use Tor for anonymous browsing can prevent website browsing data from intercepted, so all kinds of insatiable Internet companies do not know what kind of ads should be pushed to you, NSA will also don’t know whom you are communication with. The whistleblower Snowden of NSA was photographed using Tor on the Internet.

Tor is a free Firefox anonymous browsing plugin, which’s able to encrypt network traffic data and can be used with Firefox browser on PC, Mac and Linux platforms. And encryption is at the expense of some of the browser’s speed.

It is noteworthy that Tor is not foolproof, for example in 2011 the hackers attacked Dutch certification authority NigiNotar, and created a lot of Facebook, Google, Skype and Tor fake digital certificates, the purpose was to monitor the Iranian Internet users. Similarly, according to Arstechnica reports, papers of USENIX Conference, the researchers also found that there are loopholes in Tor, which can be used to identify Bittorrent user’s identity.

2.  Use OTR app to encrypt chat

Snowden used a type of unknown OTR chat app when accepting the interview with the Guardian, this application can encrypt chat data, many free client support OTR, including Cryptocat and Adium of Mac OSX and IM+ for Android smart phone and iPhone.

3.  Use Silent Circle to encrypt voice and email, etc.

Silent Circle is a US native brand new personal communication encryption service, Silen Circle company announced that its four services would cut price while the NSA monitoring action burst, and these services include mobile phone voice encryption, text messaging encryption, VoIP voice and video call encryption and email encryption. This company claimed through an independent audit it ensured the services provided have no back door.

It is noteworthy that both the communicating parties must be users of Silent Circle if using Silent Circle encryption service. For those high-end business users who worry about information leakage, Silent Circle’s encryption service is very attractive.

4. Android mobile phone users use Redphone to encrypt calls and SMS

Android users are lucky, WhisperSystems company’s open-source software Redphone and TextSecure can provide security call and SMS encryption function. Similarly, both communicating parties must install Redphone clients. Thereinto TextSecure is used to encrypt text messages.

Redphone and TextSecure currently both have passed third-party audit to ensure that there is no back door.

5. Use PGP to encrypt data

PGP and the open source GPG that’s similar to PGP can be used to encrypt data and e-mail, these two software programs need a little bit knowledge to use, Snowden even had to make a teaching video for the Guardian reporter Greenwald.

6. Turn off phone, remove the battery

This approach sounds a bit radical, but this behavior when you don’t use mobile phone can prevent phone leaking your location information to mobile base station nearby. ACLU chief scientist Christopher Soghoian told the “Washington Post”: “laws of physics tell us that you cannot hide your location information to mobile operators.”

7. Stop using Windows and Mac OS operating systems

I believe that changing operating systems is a difficult decision, but considering that Microsoft has officially acknowledged having submitted global users data to NSA, the backdoor of operating system has become a real and serious problem. If you want to escape from “Matrix” and acquire free network user identity, you need to consider various versions of Linux including Ubuntu.

For ordinary computer users, information security including communication information and information placed in computer should be both considered. You need to try methods above to improve your information of communication security level, and for the information in computer, you can use third party tool file encryption program to set password to your folders.

Mar 11

The Global Economical Loss Caused by Cyber Crime Increased by 78%

Ponemon Institute recently released a research report entitled “2013 Cybercrime Cost”. The sponsoring companies for four consecutive years by the HP study estimated the economic impact caused by cybercrime. The report notes that the economic impacts caused by cybercrime in 2013 increased by 78% compared with the past four years, while in the past four years, in order to solve the problem the time cost increased by 130%. Average cost paid for per network attack is over $ 1 million.

In 2013, the frequency of attacks and damage has increased. Based on the sample of U.S. companies and the government, the loss caused by the network attacks is $ 11.56 million every year, which increased by 78% compared with that of the beginning of the study four years ago.

Although the network defense level is increasingly improving, while the cyber crime groups are also showing their strong ability of adapt and adjust facing the continuously improving network defense level.

Some important data in this report are summarized as below:

1) Every enterprise (organization) loss average $ 11.56 million owing to cyber crime every year, the loss range is from $ 1,300,000 to $ 58,000,000. Compared with the average level in 2012, it increases by $ 2.6 million, an increase of 26 %.

2) The fields of military, financial, energy, power industry suffered the largest loss caused by cyber attacks.

3) Data theft is a major factor causing the loss of cybercrime, which accounted for 43% of the total loss, loss of business caused by the shutdown accounted for 36 %.

4) The business or organization suffered 122 times successful network attacks weekly. In 2012 the figure was 102 times

5) The average time to resolve a cyber attack is 32 days; the average cost during this period was $ 1,035,000, which is about U.S. $ 30,002 thousand a day. And in 2012, the average time of solving every network attack is 24 days, the average cost’s $ 591,000.

6) The loss caused by DoS attacks, Web attacks and damage caused by the internal staffs accounted for 55% of enterprises cyber attacks losses.

7) For small businesses, the loss caused by network attacks in accordance with the average figure to every employee is much higher than that of large businesses.

8) For business, finding network attacks and recovery after the attacks was the most expensive two items.

This report also revealed the importance of necessary network defense mechanism and building network security awareness. Researchers also found that adopting security information and event management and Big Data Analytics can help mitigate the loss of network attacks.

For businesses especially the small business, enhancing employees’ data and information protection awareness and company’s data security system is imperative. In order to prevent unethical staffs stealing data and information, administrators can encrypt important folders in computer. For the important files shared with some employees, admin can password protect the shared folders and assign permissions to different users.

Mar 03

How Does NSA Almost Kill the Internet? (2)

The Silicon Valley is shaking, just like collated damage in the anti-terrorism war. But the things will get worse.

Technology companies don’t know the Prism project until June, they just know there’s a project with several-year history, namely for the national security, providing specific data and information to the government in the case of the absence of an official document. The legal justification of this project comes from a series of legal provisions and expanded addition. The “Foreign Intelligence Security Act” in 1978, referred to as FISA, created a secret court so as to obtain the requested information. Amendment of FISA in 2008 amendments a new part of the law, namely section 702. This amendment gives President Bush the monitoring plan that can be launched completely secretly without written permission. NSA cited the FISA admendment as specific legal basis of prism project. (Except Prism) more secretive surveillance operations are all based on the Executive Order 12333 of Reagan era, this order authorize NSA to collect the various information and data of foreigners who should be focused on.

Some companies seem to thinks that it’s properly to collect customers’ information to the NSA. Verizon has never refused to provide its tens of millions of users’ critical billing information, telephone numbers, call duration and other information for NSA. Because the telecom companies don’t need to promote itself to customers based on trust, customers rarely expect to get something from the monopoly. On catering to consumers and the government, telecom companies seem to give priority to their government regulators.

Compared to telecommunications companies, technology companies are in another situation. Technology Companies’ CEOs have been repeatedly claimed that without customers’ trust, they have no business. They rely on users’ willingness to share information. On the contrary, these users can get better services, while at the same time the customers expect technology companies will ensure their personal information security and safety. Users have no reason to think that their information can be given to the government without the written permission.

At least one company challenged the unconstitutional information request. Yahoo launched a secret battle on FIFA court to resist handing over users’ information. But the fight failed. In August 22, 2008, the court decided to support government means for national security and give procedural safeguards, achieving consistency with the law in some form and exclude user privacy concerns, therewith Yahoo has no place to appeal.

These queries may have violated a number of large technology companies, but it’s not enough to pose a challenge on its business. They weren’t forced to make obvious modification on infrastructure in order to deal with data query. Usually, they passed the data and information to government-owned special equipment.

For some small companies, compliance is not always easy. For example, Lavabit mailbox is a safe start-up company, which allows users including Snowden to encrypt e-mail messages, the government had asked them to hand over the important information that’s involved in Snowden event to government. Lavabit cannot do this, because if it obedient, all the users’ information will be fully exposed to the government which will lead the company closed.

Twitter’s legal counsel Vijaya Gadde said:”The government can request information, but they cannot force you to give information. You can make things easier or simpler.” Google also said that when a request is “very broad”, Google will push it back. These small things indicate a subtle resistance to government inquiries. FISA requires the government to compensate the enterprises that have been retrieved information. Google said they did not want to bother the government to ask for money. But one company said that it used this clause, in the hope of limiting the extent of government requests. The company’s executives said: “Initially, we thought we should not do this for money, but we recognize that this is a good thing, it could force the government to stop and think about it.”

But finally, the financial motivation of cooperation with the government exists.  A senior director of the company said: “Large companies have business with the government, these companies cannot tell government officials: ‘we are fighting against you – can we get the 400 million dollar contract?’ ”

After the shocks of Prism project, individuals and groups begin to enhance the awareness of information and data security, and the data and information protection has been paid more attention. For more information about data security and information protection, you can click here.

Feb 24

How Does NSA Almost Kill the Internet? (1)

《WIRED》 published a long article that tells the story that after the exposure of NSA massive surveillance activities, the Internet giants Google, Facebook, Microsoft and other technology giants have to confront with the government for their survive.

This is just a start of the chain reaction that will threaten the Internet industry basis. This topic has occupied headlines for months, and has become a hot topic of technology circles discussion. Over the years, technology companies’ privacy policies adopt subtle balance between maintaining the users’ privacy and providing personal data to government agencies. This field is new and is in controversy, sometimes it will erode the existing laws, while in the past, and these companies have made a difficult balance in the progress of promoting the policies. Technology companies suddenly find themselves caught into a fight which’s bigger than a battle involved in over share on Facebook or ads issues on Gmail. Over the past few months, they find that they have to fight with their governments for the future of the Internet.

Joe Sullivan, the Facebook’s security chief said, “We spent ninety minutes to respond.” Nobody’s heard of Prism project. And the worst is that Facebook and other technology companies are claiming to authorize the NSA to directly access to their server to get a huge amount of information, which seems completely wrong. CEO Mark Zuckerberg was shocked by the claim, and asked his executives whether this issue is true. They answered: NO.

Similar panic dialogue also occurs in Apple, Google and Microsoft. Google’s legal counsel Kent Walker said: “We are asked by the people around us: Is there any secret way to get information?” We said: NO.

Nevertheless, the Washington Post launched and described the Prism project. Technology Company quickly issued a statement to deny that they authorized the U.S. government directly into their user database. Because sometimes the secret court will order technology companies to participate in government projects, these projects require them to share data, but they are often reluctant to participate in, and the fact makes the technology’s statement complicated. Google and their partners did not talk about all the details of this issue, this is partly because the laws prevent them from full disclosure, and on the other hand, they don’t understand the government’s actual operational details of this project.

Before President Obama stepped in the issue, they have little time to plan out how to respond to Gellman’s allegations. President implied the Prism project when he responded to the leak problem, he said: “In terms of the Internet and e-mail, the matter did not involve U.S. citizens, nor people live in the United States.” The answer might alleviate some of the public outrage, but it did not play a helpful role for the IT industry. Most users of Apple, Facebook, Microsoft and Yahoo are non-US citizens. Now these users as well as regulatory agencies are directed to believe that using the services based on the United States means that their data will be directly sent to the NSA.

Technology giants spent years to establish trust which is now at the risk of bursting; however, they seem powerless to do anything for this. Legal restrictions makes them are not at liberty to provide complete documentation of their cooperation with the government, so they can only deny. However, even the most resolute denial – from Google CEO Larry Page and chief legal counsel David Drummond – cannot suppress the query for them. In the Q & A Drummond anticipates in on the Guardian website later this month, his questioner become more hostile:

“Whether this quiz is just a superficial after you are found the collusion with NSA?”

“If Google lies to us, then how can we say?”

“Google, you lost the trust we have given you for ten years.”

“I will stop using Google mail.”

Other companies are also facing such a siege. A company executive said:”Every time we talk about it, it seems that the things will be worse. We are more than not being trusted.”

Facebook’s global communications director Michael Buckley said:”The fact is that the government failed to turn the monsters back into the bottle, we can come up with any statement or statistics, like the government’s weekly routine disclosure, but the problem is that who will believe us? ”

In September last year, Facebook’s Zuckerberg expressed his disgust when attending a technology conference. He said “the government screwed up.” But the government’s actions, and after the world knew the wider information leakage, Zuckerberg, Page, Tim Cook, Marissa Mayer, Steve Ballmer and the other supervisors that have stored user information on their server are in trouble.

More than the revenue is at stake. The concept of maintaining the technology world is also at stake.  The Internet once came from a U.S. Department of Defense project, now it turned into World Wide Web that inspires a new era of civilization. Snowden’s leak questioned the Internet position that is characterized by free expression and authorization. If the network is regarded as an extension of the monitoring means, then the paranoid behavior brought about by it will affect the way people use the Internet. The countries that are angry for the U.S. intelligence agencies gathering information behavior have more reasons to use Snowden’s disclosed information to require U.S. government to stop collecting information, while the U.S. intelligence agencies will not easily give up collecting the information of these countries. Enterprises in the implementation of business activities will make the network Balkanization, destroy its open nature, and thus significantly improve operating costs.

For more information of data security and information protection, you can visit: www.kakasoft.com

Feb 17

Anti-Monitoring Battle is A Protracted War

The outbreak of the American “Prism” makes us know that we are living in a “monitored” era, and this monitoring action is s desecration of free network and absolute violation of the public information security. Monitoring of the information age is different from the traditional monitoring; the traditional monitoring refers to the fact that for some purpose, someone monitors somebody else through video surveillance or other camera recording methods, while the monitoring activity of the information age is equal to data theft, data monitoring or even data control.

Traditional monitoring is mainly caused by the distrust of individuals, businesses, and even government to some certain persons or groups. For the interests of certain groups, this behavior is understandable. But today’s network is a free world, there’s no individual, enterprise or even country that’s allowed to imprison its freedom. Anti-monitoring is the first step to confrontation.

The anti-monitoring battle at information age is actually a protracted war on information security, which needs people to know more about information defend technology, or even take measures to deal with the deteriorating International information security situation.

On the network, a serious network security error people most likely to commit is: Connect the public Wi-Fi and log on to your e –mail, bank account and other sensitive account information. If this situation is unavoidable – after all, you are in most of time in cafes, hotels, airports. You can consider buying a virtual private network; hence you can significantly improve the privacy protection when accessing the public network.

VPN, as an encrypted tunnel, can prevent bad guys from stealing your login information and other sensitive information.

Don’t put personal information in the cloud, and it should be encrypted even you must. The online file synchronization service like Dropbox, Google Drive and SkyDrive can be described as the best innovation of the Internet. However, when you conveniently view the latest photos stored on Dropbox, or easily find relevant text files on iCloud, you need to know that the data you stored on the server’s data is not encrypted.

This means that the relevant government law enforcement officials can readily obtain these data you stored. The hackers can also find security vulnerabilities on server suppliers.

For some sensitive data and information you need to synchronize across devices, the better choice is to use an encrypted cloud storage services. Of course, there is a more simple way- to find a file synchronization service with built-in storage encryption.

To ensure your online service security, you need to set a unique, random, tem or more-character password for every account. Don’t forget store them in a good password manager. For better security, please use the double-factor authentication provided by Google, Facebook and all the other services.

Double-factor authentication requests you in addition to enter the password, also need to enter a short numeric code. This code is usually from a physical FOB or smart phone app.

Dropbox, Evernote, Google, LastPass and Microsoft accounts adopt validators automatic work. And Facebook provides it owm code generator on its social network app, meanwhile, you can add Facebook code validator through Facebook account settings. In Facebook news feed page, click on the gear-shaped setting button on the top-right, and select account settings.

For the files stored in own computer or external storage devices, you mustn’t ignorance their security. They may be stolen or leaked to others even though you set boot password for your computer. To prevent the data stored in local computer and flash drives, you’d better lock files with password so unauthorized users can’t access without permissions.

At Information age, the value of the data will still be rising. As long as the mainstream of this era is still information and the Internet, the scramble for information resource won’t stop, the monitoring and the anti-monitoring won’t stop. In order not to damage their data security, it’s necessary to adopt targeted encryption software to guard the security bottom line.

Feb 10

Encryption Software Becomes Essential Factor for Future Information Security

In the day with rapid development, predicting the future based on the data analysis has become one of important reference for individuals and enterprises or even countries to formulate development plans. But there’s one thing that we cannot ignore. As the subject of this action, we need to pay attention to information protection. Once the information itself is wrong, the prediction definitely can’t be correct.

Security Situation – threats are increasingly targeted

In this informationization society, there’s no doubt that the most effective way to pry corporate secrets, to destruct the business’s normal operation or to steal enterprises’ funds is to invade the enterprise IT system. In order to avoid ulterior attacks and business confidential information stealing, more and more companies buy and install anti-virus, firewall and other information security protection products. Despite so, the security incidents are emerging endlessly.

In 2010, the U.S. Securities and Exchange organizations Nasdaq were repeatedly attacked; In 2011, RSA, Sony, U.S. digital certificate authority Comodo were hacked; In 2012, hackers used SQL injection to obtain 453400 users’ authentication information from Yahoo; In 2013, some banks and TV stations of Korea and some TV stations were attacked by hackers.

Do these companies not emphasize on information security? Nope. The companies listed above include not only the veteran IT enterprises and famous organizations but also the vedors that engaged in information security and financial organizations that highly valued information security.

For this reason, we can only conclude that information is now more and more targeted- Where there is value data, would be easy to burst a crisis.

What to do – informationization enterprises face unprecedented challenges

The development history of IT is accompanied by information security. After years of defense battles, current hackers have more specific target, more subtle method, and last longer, and there is a lot of means that can bypass conventional protective measures. Hackers cliques and ambushes the enterprise, they organized and premeditated to implement collaborative attacks. Moreover, with the improvement of the cost of crime, more and more attacks aimed at financial, securities, telecommunications and other industries that can bring high profits.

In 2013, some South Korean television stations and a number of banks were under attack, the cause is that hackers invaded anti-virus software vendors’ LANs and updated the virus database server, and then use the update mechanism to distribute malicious software to users’ computers.  The industry generally believed that in order to get these banks and television information, and to implement attack, the hacker is likely to have been dormant for a few months.

More frightening is that anti-virus software, as a corporate security “bodyguard”, has become hackers’ accomplice in this event. Traditional anti-virus, firewall and other security products are too dependent on the virus database to deal with unknown threats, various security products cannot coordinate with each other, etc. This is why so many large enterprises and security vendors will suffer hackers.

Whether for individuals or work groups, data security needs more attention. Effective precaution will be more useful than remedy measures, precaution of data and information security can reduce possibility of potential data leakage and data loss so as to decrease the financial and reputational loss caused by data loss.

For more information and data security solution, please visit: www.kakasoft.com

Jan 20

Security Tips for Anti Data Leakage (2)

2. Many large enterprises also have this problem, the database administrator and the network administrator who on the earth should be given more full administrative privileges to complete their work. According to the proportion of employees, the total amount of database administrators and network administrators is also the minority of all employees. And implementing management for them is relatively simple. But there’s a vulnerability of management: whether DBA can view all the data without any limitation? Who can have the administrative privileges of copy of the database? Whether there’s no data loss threats even those who have admin privileges are trustworthy?

I recommend canceling the super administrative privileges of database administrator and network administrator, for they just need to do their own job well, and don’t have any reason to fully grasp the enterprise database administrative privileges. The responsibilities of these IT management staffs should be subdivided, allowing them to set user name and password for their work. These user names and passwords should be submitted to the CIO administrator, while they should be kept by password protection software but not CIO.

3. There’s another situation: some IT user may not need to have powerful privileges, but owing to their work, they need to use other people’s privileges. A typical example is a low- level data center operations staff, he may only be responsible for production scheduling environment, while some of his work may be related to database management and system administrator’s user name and password. This is a significant potential threat for any business.

This situation may seem difficult; in fact, it is not hard to solve. Let all the staffs know that all the network activities in the enterprise will be monitored, so as to prevent data leaks.

“The value of core commercial secrets is self-evident, while the number one way of core secrets leakage is the most common e-mail.” Proofpoint CEO Gary Steele thinks so.

The remarks above show the accuracy of a recent survey-according to Forrester’s survey, IT executive and managers believe that email is one way that most likely cause data leaks, particularly the confidential memo, valuable intellectual property rights and transaction information.

However, after observing a number of leaks, you will find that only a small part of these events is malicious leaks, mostly are caused by negligence.

It can’t be denied that there’re malicious data leakage issues in real life. Enterprise users should have awareness, such as using server protection software that can help companies build information protection platform to prevent inbound mail threats (such as spam and viruses ), and ensure that outbound messages comply with company policies and external regulations.

Jeff Bowling, the founder and CEO of TELXAR stressed that the best way to block data leakage is to perform a good security plan, which should include security notes about preventing service attacks and the internal network, and the network admin guide service. The following information should be included in the plan:

1 The reap time should be shown

2 Assign the login credentials and rights

3 Disable external software

4. Consider internal audit/intrusion monitoring applications

5 Lock the internal hardware components

6 Regular audition, security and resource

7 Disable USB or FireWire port

8 Set message size restrictions or/and block all attachments

9 Define a strict policy

10 Execute secrecy and confidentiality agreements

11 Determined command chain and upgrade procedure

12 Ensure secure plans and policies that managers and users understand

If you want to find enterprise data protection solution, you can visit Kakasoft for more tips.

Jan 13

Security Tips for Anti Data Leakage (1)

Whether in real life or in the virtual world of the Internet, the security issues existing in many enterprises are mostly caused by internal staff. The so-called “internal problems” doesn’t derive from hatred to enterprise, many of which are caused by unintentional faults. For example, employees visited the site linked to horse, spyware , adware, such of kind of malicious software will unknowingly downloaded to their computer, and then these programs will be spread within the enterprise network.

Harm caused by the employees to the enterprise, regardless of whether they intend to so, the results of their actions are the same: misuse of the network is likely to cause that the company information system is compromised, confidential information is stolen and the company network is congested and other issues. Once corporate trade secrets are leaked, the assets will suffer huge losses.

Data leakage is a great loss for both employees and the business.

When corporate data leaks, the enterprises are not the only one who suffers loss, the concerning staffs are also the ultimate victims.

In August 2006, the CTO (Maureen Govern) worked for America Online (AOL) resigned; the reason is that AOL had leaked 658,000 anonymous users’ about 20 million Search keyword in three months.

In addition, a researcher and his supervisor of AOL technical research department also left the company owing to data leakage. In order to quell the waves of criticism on the Internet, AOL said it would set up a special team to review the company ‘s customer privacy protection policies.

Data breaches will even make a nation suffer loss, letting the government competence being questioned – British Prime Minister Gordon Brown has been questioned for 2500 people losing information.

In October 2007, the UK HMRC lost two important data discs, in which there is 25 million people sensitive information. In the UK, child welfare subsidies are all directly deposited to the target bank account via transferring, while losing discs saved important personal information.

The losing information involves a great number of UK households, almost all families having children under the age of 16 have lost personal information, and even Prime Minister Gordon Brown family was not spared. Losing information is related to all child welfare subsidies beneficiaries, including 25 million people, 7.25 million families. Almost half of the UK’s confidential information is lost, which contains important bank account content, British Prime Minister Gordon Brown s have been strongly questioned.

Many companies make up some security policies in the database, e-mail and some other aspects of information management, but these policies are just a framework, the effects of which is questionable.

One of the most stressful things for the IT charge men is business-critical data leakage, however leak is really inevitable, because no matter how powerful the technology and equipment are, the enterprise can hardly avoid illegal invasion.

Many enterprises will assign super administrator privileges to admin, such permission is a reflection of the abuse of authority to database. The data environment with such kind of privileges is very dangerous, because it is very easy to be exploited by unscrupulous people, causing critical data loss.

Johnson offers three ideas and suggestions to adequately protect data:

1. In the enterprise, allowing IT operation staffs to assign permissions based on the actual users’ needs is a strenuous and thankless job. Many business executives require IT operation staffs to set the permission of database as “super administrator”, but this requirement is not necessarily consistent with the actual need, which makes IT operation staffs in dilemma.

However, as IT executives, even if you feel very difficult, but I still recommend you to adhere to your principle – related personnel database permissions should match their actual work right, especially you should figure out why some staffs obtain the super privileges.

The management of company must have a clear judgment in this aspect, is it better to firstly regard convenience or the safety? But from all above, we know that in order to stand out from such a competitive market environment, sound and stable security measures are imperative.

You can visit Kakasoft for more information about data security.

Jan 06

Malware CryptoLocker May Cause Millions of Dollars Loss

According to Dell safety engineering researchers’ analysis, within 100 days the encryption virus software CryptoLocker invaded at least 200,000 computers, obtaining defraud income of at least $ 380,000 and this figure may be larger.

CryptoLocker encrypted over 70 different types of files, including Microsoft Word and Excel, Adobe Illustrator and PDF files, etc. and asked the victim for $ 300 to unlock their files. In a report released in late December, security researchers conservatively estimated that in the first 100 days at least 200,000 people infected with the virus, about 0.4 percent of the victims paid the fee to CryptoLocker for the decryption key.

Data loss caused by infection of CryptoLocker poses threats and loss to thousands of companies. In the past the majority of ransom ware or rogue security software at most locks Windows desktop until the users pay extortion fees, they don’t actually encrypt or destruct the data. However, CryptoLocker uses encryption technology, which is also used to encrypt files for data security, to encrypt important files, making them unreadable unless the user pay for the decryption key.

“Compared with most ransom ware, the difference is not only the scale of destroy or the competence level of hackers, more importantly, it’s a more pathetic desperation virus: it will destroy your files, and you will eventually lose your important data if you do not pay extortion fees.” Dell’s senior security researcher Keith Jarvis said.

CryptoLocker virus first spread in early September, it disguised as consumer complaints spam emails. When you run the compressed executable file in the attachment, the program will connect to a server and retrieve an encryption key on the Internet. In this way, it encrypts more than 70 different types of files in infected computer system.

“After a series of practice, the malware authors have created a powerful and difficult to circumvent the program,” the report said.

By using this malicious software in the field of monitoring, security researchers found that in late October and early November, nearly 32,000 computer IP address were displayed that having signs of infection of the virus. In the second week of December, there are nearly 6,500 computer IP addresses that showed signs of infection.

According to a statistical graduate student Michele Spagnuolo’s statistics, some infected people use Bitcoin as extortion payments to the criminals. Through analysis of payment Spagnuolo find out the Bitcoin account holder information. Through this way, security researchers discovered in the first 100 days, an account bundled with CryptoLocker collected 1216 Bitcoins which was worth at least $ 380,000.

However, the ransom collected by criminals could reach millions of dollars. Because Bitcoin is a kind of virtual currency, the fluctuations in the value might make the final ransom far exceed the minimum value of $ 380,000 in that period. In addition, there are more than 0.4% of victims possibly pay a ransom.” Security researcher Jarvis said, “I think the total ransom ultimately is at least several times of this number.”