news (e.g. downloading pornography or pirated software, or inappropriate use of E-mail). • 85% detected computer viruses. For further information visit the CSI Web site: http://www. gocsi.com.
Internet security fears prompt IT security measures The results from another survey, carried out by Intergraph and called “Security Issues for IT Management” show: • IT security is an issue for 90% of the respondents, and a major issue for 40% of them. • Internet security/remote access has been the “main motivator” for two thirds of the organizations to take IT security measures. Thirteen percent cited corporate attack; 15% cited critical misuse of the network as their main motivators. • Encouragingly, in excess of 80% claim to have an IT security policy, however, one in three are not aware or not sure of the IT security liabilities in the latest Data Protection Act. • While many have now taken basic security steps such as installing a fire-wall (70%) and user authentication (80%) far fewer have taken steps to analyse the problem using risk assessment software (10%), or anticipate it (only one third have an intrusion detection system). • Only 15% check their security configuration daily,
18% check it weekly and 11% never check it. • Seven in 10 do not use Email encryption: only one in three use encryption generally to support IT security. • More than 60% of the respondents keep their critical servers and other devices on DDI or ISDN making them potentially open to hacker attacks. • One in three have ‘autoresponse’ style modems on the network. They are also prone to break-in by hackers (where the hacker accesses the network via a modem to set up their own address on that network). For further information, contact Andy McCathie, Intergraph Technology Services on: +44 1793 619999.
20% of companies liable to suffer DoS attacks In the wake of the recent devastating denial-of-service attacks on very high profile E-commerce sites, it has come to light that one fifth of companies of any size are liable to suffer from copycat denial-of-service attacks on their Web sites. This warning follows a survey carried out by Internet security testing company NTA Monitor. The company’s findings, based on surveys carried out at over 200 global companies, showed that less than 7% of companies have ever had their security previously tested and 80% of companies have significant security
issues, most of which can be eliminated through reconfiguration of existing computer systems. Deri Jones, director of NTA Monitor, said, “Despite the means to purchase anything from shoes to airline tickets over the Net, and the potential business benefits, security issues remain paramount within the E-business sector. Denial-of-service attacks have perhaps the least impact of all attacks in that they do not typically involve getting inside a victim’s network, but nevertheless attacks can deluge sites and block access by triggering huge volumes of traffic, and can paralyse Internet-based business on that site. They can also
“Denial-of-service attacks have perhaps the least impact of all attacks in that they do not typically involve getting inside a victim’s network, but nevertheless attacks can deluge sites and block access” cause servers to slow down to a crawl, or worse still, crash, blocking legitimate site users. For any e-business trader, customers left out in the cold during DoS attack, together with the possible resultant publicity, are negatives any Ebusiness would be well advised to try and avoid.” For further information, visit the company’s Web site: http:// www.nta-monitor.com.
Internet attacks will replace military conflicts According to a story in the German magazine Der Spiegel, following two years of study, a secret committee of the German Government has come to the conclusion that Internet attacks will supplant military conflicts in the future. The group, which is comprised of members from several ministries, security forces and the chancellorship, warned that attacks could interfere with sites belonging to the military as well as key civil institutions such as the police, power utilities and health services. The group reports that there is no more national territory that can be defended militarily. The group went on to propose a ‘strike force’ within the German federal office for security that could address attacks on critical sites.
Governments back down on encryption regulations A public research centre in the United States has discovered that regulations that once slowed the distribution of strong encryption technology globally are being relaxed. According to the Electronic Privacy Information Center (EPIC), the worldwide growth of E-commerce and the need for privacy and Internet security has convinced governments 3