5 Steps to Safeguard Against Cyber Threats

Malicious attacks don’t have to come from the Internet, and can even come from well-meaning or disgruntled employees.

Beyond making sure a project is completed correctly and on time, security integrators must be wary of virtual threats to a customer’s system. With most of today’s devices connected to data networks, it’s imperative that integrators are diligent about protecting the customer’s infrastructure as well as their own.

A single virus or worm can wreak havoc and if the security network is infected, the business could be exposed to massive risks. Other ways to cripple a network or compromise data include denial of service (DoS) attacks, keyloggers, rootkits, spyware and adware. Let’s take a closer look at some of these nasty things and how integrators might guard against them.

Entire Networks Face Rapid Compromise
Most viruses are designed to replicate themselves into other files to consume hard-drive space, corrupt files or produce malicious code. If a virus penetrates an access control system, this may allow protected areas to become vulnerable to outside threats and unauthorized individuals. Viruses called dialers reroute a system’s phone dialers to other numbers; these open a backdoor into the system or route calls. 

ASIS 2014 Session

Hacking Critical Infrastructure: From Cyber Myth to Startling Reality

For integrators who want to get a sense of the cybersecurity landscape at the end-user level, ASIS is conducting several sessions on the topic next week in Atlanta …

Date: Monday, Sept. 29
Time: 4:30-5:30 p.m.

This session will review real-life, recently successful compromises and exposures of critical infrastructure and include a live hacking demonstration. The session will also describe how critical infrastructure hacking might be used in the future for criminal activities, terrorism, and other nefarious activities. Finally, some simple suggestions to help organizations mitigate the risks associated with critical infrastructure exposure will be presented.

Worms are similar in that they replicate themselves, but are network-aware. After a worm infects a system, it searches for other connected systems. This can bring down a whole system in a very short time. Additionally, it’s very difficult to get rid of worms, because as it’s deleted, the worm continues to reinstall itself unless protection is immediately put in place. For instance, an infected video server farm would be rendered useless until the worm could be removed. In some cases, worms are designed to delete files, causing a loss of video that could take hours or days to rebuild.

One of the most dangerous threats is a keylogger, usually combined with a remote-access virus. Keyloggers capture every keystroke typed and report them to the controlling system, granting remote access to the system’s information. This compromises the system and confidential data.

Stringent Policies Also Need Enforcing
It’s essential to have trained personnel working on and monitoring a system. Clicking on the wrong link can bring down an entire system or delete critical data, setting up both the customer and integrator for serious liabilities.

Protecting customer site information is critical. For many businesses, it’s not unusual for employees to keep backup copies on their company laptops. While this can be immensely beneficial for quickly restoring a crashed or infected system, it can also expose customer configuration and information to others if not properly protected.

This is why it is so important that company computer policies are always enforced. Most companies have these policies in place, but they are not monitored or regularly carried out. Consider these scenarios:

Scenario 1: An employee takes a company laptop home to do some after-hours work. While at home, he remembers that he wanted to look up an item for a birthday gift. Rather than going to his personal computer, he uses the company laptop. The site he visits is infected with malware, subsequently infecting the laptop. The next day, the employee connects to the corporate site and security network with the same laptop, thus infecting it.

Scenario 2: An employee takes a company laptop home, and connects to her home network. Her kids have been downloading music, unknowingly infecting the home computer and network with a worm. The worm registers the new laptop on the network and infects it. She then uses the laptop at work and infects the rest of the company’s networked computers.

Malicious attacks don’t have to come from the Internet, and can even come from well-meaning or disgruntled employees. Sometimes an act as simple as deleting a critical file can take a system down. Even what seems to be innocent sharing from one friend to another can be enough information to compromise a system if it lands in the wrong hands.

ASIS 2014 Session: Business Skills for Cybersecurity Professionals

Date: Tuesday, Sept. 30
Time: 1:45-3 p.m.

Cybersecurity is usually thought of as mainly a technical domain, yet it has a reach far outside just technical aspects. Hear from a panel of experts about what business skills are needed to overcome challenges often faced by security professionals. The discussion will benefit all security professionals.

Though no solution is bulletproof, critical steps can be taken to prevent these problems:

(1) Start with a strong, company-wide computer use policy that is meticulously monitored and enforced.

(2) Install antivirus and malware protection software on all company computers and servers.

(3) Have firewall and DoS applications in place on the corporate network.

(4) Scan incoming E-mails for potentially virus-infected attachments. 

(5) Monitor Web traffic.

Every day, new attacks are created and released, and as fast as they can be neutralized, new ones spring up. You must be vigilant in helping customers identify weaknesses in their systems, especially if there is no IT department. Implementing as many walls of protection and preventative policies as possible will help to diminish the threats – and to protect the liability of both you and your customer.

Bob Stockwell is Chief Technology Officer for STANLEY Security. From 1997-2012, he was Niscayah’s Director of Systems Operations. He can be reached at [email protected].

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author

Contact:

Bob Stockwell pens Security Sales & Integration’s “IT Intelligence” column, which covers network security. He is Chief Technology Officer for Stanley Security.

Security Is Our Business, Too

For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.

A FREE subscription to the top resource for security and integration industry will prove to be invaluable.

Subscribe Today!

Get Our Newsletters