IT security
The world is connected and interconnected, and everybody (consumers, businesses and governments) often has several IT systems installed and operating.
IT systems are not only the home PC and the accounting or ERP systems in companies, but also the data servers, communication switching systems and control systems of power plants and sewage systems. IT systems control nearly all processes in a developed economy.
IT systems need to be protected against all kinds of intruders. There are several threats to IT systems, from the “computer nerd” and criminals to terrorist organizations or even foreign governments who want to break into (hack) your IT systems. Hacking can have several motives. It can be done out of curiosity, just to find out how to get in and how the system is designed. But most attacks have ulterior motives. Criminals are interested in getting as much money as possible out of information about the company and its customers. Governments and other companies are primarily interested in industrial espionage: getting information about products, methods and pricing. The third group consists of terrorists and foreign countries who want to gather information, manipulate information/data and even destroy complete IT systems.
The level of proficiency of all three groups can be alike. Very often the different groups work together or are forced to work together. Nerds can work for criminals or governments, either under the simple threat of physical force or in return for incentives or protection from prosecution. Criminals do it for incentives and protection from prosecution. Terrorists do it out of conviction, for example fighting for god.
Whatever the motive, it is in your interest to keep all unwanted “visitors” out of your IT systems. Everybody can remember the impact and danger of viruses like Stuxnet, Duqu and Regin.
Entries into IT systems
There are several ways to enter an IT system, from rather simple to sophisticated:
– You can use a password;
– piggyback on somebody else;
– have somebody inside to open up the door;
– use a fake entrance site;
– enter an IT system by connecting a physical device;
– use software to break the code;
– or break into a communication line between several computer systems.
Several entries can be closed by technical means. Install and update firewalls and anti-virus software. It is a matter of buying and installing the right systems and keeping them up to date.
Passwords can be obtained by stealing them or by deceiving people into freely giving them up. Phishing is still a technique used to get information out of people, including passwords and the ATM/PIN codes of bank accounts. Surprisingly, many people can be tricked into giving up many personal details.
Hackers can build identical-looking websites which mimic an original website. The hacker’s site is put in front of the original site, or small changes are made in the URL (the name, the ID) of the site.
Hackers look for vulnerabilities in software and websites that let them enter and do their thing.
Software is also used to enter IT systems, to identify passwords, to find weak spots in systems and to look around inside.
IT systems, even closed systems, can be illegally tapped by physical devices and by breaking into communication cables.
Protect your IT systems
IT systems need to be protected to operate flawlessly. The first line of defense is the security of the operating system. It needs to be up to date and evaluated continuously for vulnerabilities, which need to be closed immediately after they are discovered.
The second line of defense is also about the use of technical means. The firewall and anti-virus software need to be up to date and always operating, especially if an IT system is online.
The basic technical means need to be operational. If they are not installed and operating, it is basically an open invitation to a hacker.
Other technical means which can be used efficiently and make it more difficult to enter an IT system concern registration and permission to enter an IT system or a certain area of a system. An IT system can also respond to a request to enter by itself making a connection with the person/entity that requested entrance. Another option is using profiles. A profile can be made of every person using an IT system. If they behave differently from their usual pattern, something may be wrong and needs attention. The profiling can go as far as looking at word use, grammar and typing speed on the keyboard. Any change of behavior is a reason to give the user additional attention and, if necessary, cut the communication or even start an investigation with your own offensive software to get more information about the user, capabilities and intentions.
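The typing-speed profile described above, as an added example that is not part of the original article: each user's usual pace is learned from earlier sessions, and a new session is flagged when its pace falls far outside that pattern. The function names, the threshold of 3 standard deviations, the 5 ms floor and the sample timings are assumptions made for this illustration.

```python
from statistics import mean, median, stdev

MIN_SIGMA_MS = 5.0  # assumed floor, so a very regular typist is not flagged on tiny shifts


def typing_pace(key_times_ms):
    """Median gap between consecutive key presses, or None if fewer than two keys."""
    gaps = [b - a for a, b in zip(key_times_ms, key_times_ms[1:])]
    return median(gaps) if gaps else None


def build_profile(sessions):
    """Learn a user's usual pace from earlier sessions (lists of key-press times in ms)."""
    paces = [p for p in map(typing_pace, sessions) if p is not None]
    if len(paces) < 2:
        raise ValueError("need at least two usable sessions to build a profile")
    return {"mean": mean(paces), "sigma": max(stdev(paces), MIN_SIGMA_MS)}


def review(profile, key_times_ms, threshold=3.0):
    """Compare one session with the profile: 'usual', 'needs attention' or 'insufficient data'."""
    pace = typing_pace(key_times_ms)
    if pace is None:
        return "insufficient data"
    z = abs(pace - profile["mean"]) / profile["sigma"]
    return "needs attention" if z > threshold else "usual"


# Constructed sample data: four earlier sessions of the same user.
BASELINE = [
    [0, 180, 370, 540, 730, 910],
    [0, 200, 390, 600, 800, 990],
    [0, 170, 350, 520, 700, 890],
    [0, 190, 380, 580, 770, 960],
]
PROFILE = build_profile(BASELINE)

if __name__ == "__main__":
    print(review(PROFILE, [0, 185, 370, 560, 745]))  # close to the learned pace
    print(review(PROFILE, [0, 60, 125, 185, 250]))   # roughly three times faster
```

A "needs attention" result is a prompt for a closer look, such as asking the user to sign in again, not proof that someone else is at the keyboard.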
Technical means are about half of your IT security. The other part is about the human use, and abuse, of IT systems.
Everybody using IT systems should be aware: aware of the system and of the threats. Learning and training are important to create and nurture that awareness.
Users have to protect their passwords and never inform others about their codes. Nobody, not even officials/employees of the organizations/businesses where the password is used, has a need for your password. A password is only necessary for you to enter/order the IT system. If officials/employees need to enter your IT system, entrances will have been created for their use only.
Be wary of questions about your passwords and of demands to renew your bank cards/passwords, telling you that you have to go to, or follow a direct link to, the website of the issuer of the bank card and fill out all kinds of documents to renew your bank card. The website is often a good look-alike, with nearly the same URL as the official website. Never give away information about bank accounts and passwords or send your bank card to a reliable-looking address.
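How a mail filter or browser helper can catch a site with "nearly the same URL as the official website", as an added example that is not part of the original article. The trusted domain, the sample links and the function names are constructed for this illustration, and the check goes slightly beyond the text by covering three kinds of small change: swapped characters, misspellings, and the real name buried inside another domain.

```python
from urllib.parse import urlsplit

# Constructed allowlist: the sites the user really does business with.
TRUSTED = {"examplebank.com"}
# Digit-for-letter swaps and inserted hyphens, undone before comparing.
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "-": None})


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url):
    """Return 'trusted', 'lookalike' or 'unknown' for the host named in url."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if host.startswith("www."):
        host = host[4:]
    for good in TRUSTED:
        if host == good or host.endswith("." + good):
            return "trusted"
    for good in TRUSTED:
        if good in host:  # real name buried inside another domain
            return "lookalike"
        if host.translate(SWAPS) == good.translate(SWAPS):  # 1-for-l, extra hyphen
            return "lookalike"
        if edit_distance(host, good) <= 2:  # dropped, added or swapped letters
            return "lookalike"
    return "unknown"


# Constructed sample links, as they might appear in a "renew your bank card" mail.
SAMPLES = [
    "https://www.examplebank.com/login",
    "https://3xamp1e-bank.com/renew",
    "https://exampelbank.com/renew",
    "https://examplebank.com.card-renewal.example/login",
    "https://weather.example/today",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify(link):10} {link}")
```

An "unknown" result only means the host does not resemble a trusted one; it says nothing about whether that site is safe.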
The same is valid for messages sent to you. Do not open strange mails, and especially not their attachments. By opening them you can give permission to enter your IT system/computer, or leave behind some kind of software which is dangerous to your computer, the data on it and even your own well-being, as it could damage your computer, steal/manipulate data, steal money or use your computer for all kinds of illegal affairs.
The above-mentioned methods are called phishing. It remains a tool for criminals, and it changes and improves as people get more knowledge about it.
An IT system/computer is usually protected by firewalls and anti-virus software, but those will only function against something coming from the outside. If you connect another IT system/computer or USB device to your IT system, it will assume that you have checked the content and that it is allowed to enter your system. So never connect strange or found devices to your IT system, as you don’t know whether they are clean or safe to use.
Foreign secret services like the former KGB, the CIA and the Mossad have used this to get entry into government and commercial IT systems. For example, USB devices with the Stuxnet virus on them have been placed, left behind, to be picked up and checked by employees who found those devices.
People, staff, need to be trained and taught to be aware of the dangers around them. Aware users, together with the available technical means, can protect IT systems against unwanted entrants/users.
It is up to every user (individual, company or government) how to protect their IT systems. But considering the use and importance of IT systems, the best available protection/security is necessary. Install and use the right firewall and anti-virus/scanning software, and be aware of the world. If necessary, we at INSE services can help you.