On-line Data Protection

On-line data is an attractive target for hackers, criminals, and foreign governments. It presents three layers of potential danger.

• The first is liability caused directly by theft of the data.
• The second is the liability for damages through failing to exercise due diligence in testing the system through active attack.
• The third is through loss of reputation.

According to a 1998 study by the FBI and the Computer Security Institute, the average cost of successful computer attacks by outside hackers was $56,000, and the average cost of malicious acts by insiders was $2,700,000. Because of the risks and the costs associated with these risks there is an obligation to exercise due diligence in assuring the safety of the data available on-line.

It is true that, just as no ship is unsinkable. no installation can be 100 percent secure. None the less, a site can be tested and hardened so as to maximize its protection, and induce attackers to turn their attention to less-hardened targets. This is best done in an incremental fashion: The site is tested with the most basic attacks - the same attacks that will be initially used in hostile penetration - and the level and sophistication of attack is increased until the attack is detected, or the installation is considered to be adequately secure for reasonably anticipated threats. This approach allows areas of weakness to be identified and dealt with in a reasonable manner.

Based on our experience, we would suggest that three sets of attacks need to be mounted in any test.

• The most obvious is a cyber-attack on the system, to see if we can steal data or compromise the system.
• The second is through subornation of suppliers, former and current programmers, operations personnel, or other employees.
• The third is through gaining physical access and stealing the appropriate media.

In addition to these attacks, it is recommended that active monitoring be put in place on the assumption that the system will be compromised in spite of our best efforts. We suggest the installation of software, hardware, or a monitoring service that identifies and traces attempted hacks, and that all attempted hacks be followed-up upon. In many cases the reputation for tracking down attempted hacks becomes quickly known within the community, and dissuades hackers from further attempts.

Further, we also recommend the installation of a "Honey Pot:" This is a set of faux data which contains communications protocols that will allow us, on behalf of your client, to track the successful hacker. Additionally, software that allows you to track the movement of data may be a prudent investment.

As with any protective project, we need to define the scope of the project, examine current protective procedures, determine what needs to be defended, and how we will measure success and failure. From this base, the LUBRINCO Group can help you minimize the risk of your on-line exposure.

Contact the LUBRINCO Group about on-line data protection.

Return to LUBRINCO economic espionage page

Return to LUBRINCO home page