iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > News > Security News > Internet Security Companies: The New Mark For Hackers
Search:
[ news_security_news ]

Internet Security Companies: The New Mark For Hackers



John Stith
Staff Writer
2005-06-23

SecurityProNews: Insider Reports Insider Reports RSS Feed


The Internet and computer security industry burgeons with growth as constant new challenges by hackers around the world creep up with various ways to screw with your computer. Worms and viruses and spam come from all directions as malicious individuals seek to steal your credit card numbers, lock up your network, or just cause problems because they can. It's quite frustrating for many.

In the last few days, the Yankee Group released a study and then a statement suggesting that hackers in it for the money have grown somewhat bored with hacking the same old Microsoft software. Now they're going after Internet security companies themselves. This has been become a big business with big bucks and this black market business has developed a "supply and demand chain."
Internet Security Companies: The New Mark For Hackers


The underbelly of the research industry is just as prevalent as the rest of it. For every researcher at Symantec or McAfee looking to protect your computer, there's at least one looking to crack it. The way they do this is by testing and researching security software and selling their research to groups or individuals who look crack computers and do corporate espionage or run a good old-fashioned protection racket and all this can be done from the comfort of any place, anywhere in the world.

"Security researchers-whether they wear white, gray or black hats-are increasingly less interested in poking holes in desktop operating systems," said Andrew Jaquith, Yankee Group senior analyst in Security Solutions & Services in a Yankee press release.

"A more fascinating and profitable area exists in finding vulnerabilities in the products meant to defend against the attacks themselves. It is time for the security vendors to stand up and make their own products more secure before they become preferred conduits for professionally designed malware."

The report wasn't absolutely perfect. It only concentrated on the Windows operating system for example. While Windows is by far the most widely used operating system, it is by no mean, the only one out there. Linux is certainly available as an open source system and Apple makes the OS X. These systems weren't tested.

The important point of the research though was that cracking security companies is becoming a lucrative business and those companies need to be more aware and more careful with regard to their own products as more vulnerabilities are discovered.

Alfred Huger, Senior Director of Engineering, Symantec Security Response said, "It should not be surprising that the security industry is showing a modest up-tick in vulnerability discovery rates given the current trend towards the commercial and financial motivation of hacker attacks in the last year."

"Symantec agrees that it is important for security vendors, as well as all software vendors, to proactively address vulnerability management to ensure the security and proper functionality of products."

Recent headlines explain everything pretty clearly. MasterCard numbers are compromised, shoe companies records are compromised, and even credit information on its way to a credit bureau is compromised. The need for strong, multi level security is quite apparent.

Critics might say if one didn't use Microsoft products, this wouldn't happen but two thoughts come to mind. First, Microsoft is by far the most dominant player in the software industry, bar none. The other is if there is a sufficient financial incentive to crack Linux or any other system or browser or program, it will be done. No question.

The release said only one exploit has targeted a security vulnerability, the Witty worm. It had 100% penetration on all systems with the said product and compromised all those computers. "Although the security vendor targeted by the Witty worm tightened up its products, other security vendors did not heed the warning. The result has been the spate of vulnerabilities documented in this research."

The moral to the story: If you're in security, whether you're guarding a warehouse or 40 million credit cards, vigilance is key and if the villains need too, they will crack security before they crack the safe.






About the Author:
John is a staff writer for SecurityProNews covering cyber security.

More news_security_news Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds