
 

How can I deal with other e-security threats?

Implementing e-security for your business is not simply a matter of setting up authentication systems. There are also a number of general security issues relating to Internet use that you need to consider, including:

  • Viruses - Viruses are malicious pieces of computer code that make unauthorised changes to your PCs. They often distribute themselves via the Internet or email.
  • Hacking - Hacking is where individuals gain or attempt to gain unauthorised access to your computer systems. Potential hacking activities include denial of service (DoS) attacks, port scanning and dumping.

This section outlines how you can deal with these threats. As with all the e-security solutions described in this guide, it is important to tailor the solution to the needs of your business - spending too much can be just as dangerous as spending too little.

Viruses

A computer virus is a program or piece of code that is loaded onto a computer and is capable of attaching itself to other files and replicating itself repeatedly, usually without the user's knowledge or permission. A virus can be transmitted through an attachment to an email, by downloading infected programs from other websites, or through a floppy disk or CD.

Some viruses will activate as soon as the infected file is opened, while others will lie dormant in the computer system until activated by a trigger. The trigger could be reaching a specific date or activating a particular function (such as reading an email). While some viruses replicate themselves without causing any further damage, most will also attempt to carry out other activities (known as the virus 'payload'). This can range from sending random emails to deleting the entire contents of your PC.

Other virus-related attacks include worms and trojans. Worms differ from regular viruses in that they only reside in computer memory, rather than attaching themselves to system files. Many email viruses (such as Melissa and the Love Bug) are worms. Trojans are pieces of code hidden in what appears to be legitimate software. For instance, a game you download from the Internet may also contain code to monitor which Internet sites you visit.

The best protection against computer viruses is to use anti-virus software. By being proactive and keeping such systems up to date, you can significantly reduce the risk of your business being harmed by viruses. Anti-virus software should be installed on all your business and home PCs, and updated regularly to ensure you are protected when new viruses emerge. Most anti-virus software packages include regular free updates that you can download from the Internet.

Other steps you can take to protect against virus attacks include:

  • Being cautious about opening unsolicited emails, especially if they contain attachments;
  • Only downloading software from trusted sites; and
  • Disconnecting your PC from the Internet when not in use.

Hacking

Hacking is any attempt by an intruder to gain unauthorised access to your computer systems. Without appropriate security measures in place, any PC connected to the Internet can be vulnerable to attack. Systems used to host websites are frequent targets for hackers.

Activities carried out by hackers fall into several categories, including:

  • Denial of service (DoS) attacks;
  • Dumping; and
  • Port scanning and sniffing.

Each of these potential attacks requires slightly different preventative measures.

Denial of service

In a denial of service (DoS) attack, hackers bombard a website (or other Internet-connected PCs) with requests for information, making it difficult for other users to access. In many cases, DoS attacks can render a device or network unusable. Hackers have developed software to automate DoS attacks, meaning they can be launched by relatively unskilled individuals, and even by business rivals.

While many DoS attacks are aimed at large, well-known businesses, a DoS attack could have a damaging effect on your business. Fortunately, there is good anti-DoS attack software available that offers protection from most DoS attack programs. If your website is hosted by an external company, make sure protection against DoS attacks has been implemented.

Dumping

Internet 'dumping' is when someone takes control of your computer's modem to place calls to high-cost premium rate or international numbers. This can be achieved by inducing users (often by promising adult content) to download new Internet dialler software, replacing their ISP connection. Proving that dumping is conducted without the user's knowledge can often be difficult.

To prevent dumping, ask your telecommunications company to place a bar on all premium calls starting with 190 (e.g. 1900, 1901, 1902, etc.) and on international phone services. If the problem persists, then you can lodge a complaint with the Telecommunications Industry Ombudsman at www.tio.com.au. If your business PCs are not equipped with modems, dumping should not be a problem for you.
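
One way to check a phone bill for signs of dumping, as an added example that is not part of the original guide: the script flags calls to 190 numbers and to international numbers in a call record. The CSV layout, the sample rows, and the treatment of 0011 as the international access prefix and +61 as domestic are assumptions made for this illustration.

```python
import csv
import io

# Constructed sample of a phone-bill export (not real data).
SAMPLE_BILL = """date,time,dialled,minutes,cost
2003-05-02,23:14,1902 555 010,18,89.10
2003-05-03,09:02,(02) 5550 1234,4,0.25
2003-05-03,23:40,0011 999 555 0100,25,61.50
2003-05-04,10:15,+61 2 5550 1234,3,0.25
2003-05-04,23:55,1900-555-011,12,59.40
"""

def normalise(number):
    """Keep digits and a leading '+', dropping spaces, hyphens and brackets."""
    number = number.strip()
    digits = "".join(ch for ch in number if ch.isdigit())
    return "+" + digits if number.startswith("+") else digits

def classify(number):
    """Return 'premium', 'international' or None for a dialled number."""
    n = normalise(number)
    if n.startswith("190"):
        return "premium"
    # Assumption: 0011 is the international access prefix and +61 is domestic.
    if n.startswith("0011") or (n.startswith("+") and not n.startswith("+61")):
        return "international"
    return None

def review_bill(text):
    """Return the flagged calls and the total cost per category."""
    flagged, totals = [], {}
    for row in csv.DictReader(io.StringIO(text)):
        kind = classify(row["dialled"])
        if kind:
            flagged.append((row["date"], row["time"], row["dialled"], kind))
            totals[kind] = round(totals.get(kind, 0.0) + float(row["cost"]), 2)
    return flagged, totals

if __name__ == "__main__":
    calls, totals = review_bill(SAMPLE_BILL)
    for call in calls:
        print(*call)
    print(totals)
```

Calls flagged at times when nobody was using the phone line for voice calls are the ones to raise with your telecommunications company.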

Port scanning and sniffing

Dedicated hackers are constantly on the lookout for new systems to hack into. To try to gain information about computers connected to the Internet, hackers use techniques such as port scanning and sniffing, both of which try to find vulnerabilities.

Even if hackers do not gain access, port scanning can increase your Internet usage as it will cause extra data to be transmitted from your PC. If you are paying for your Internet use by volume, this can result in extra costs. Firewalls (see below) are a useful measure for protecting computers from port scanning, although they do not provide complete protection.

Sniffer software tracks data travelling over the Internet or a corporate network. Unauthorised sniffers can compromise a network's security because they are difficult to detect and can be inserted almost anywhere. In this way, hackers can capture unsecured data travelling over a network. This data could include sensitive information such as passwords or financial documents. Again, firewalls can help to protect against unauthorised sniffers.

Methods of protection - firewalls

Firewalls are used to keep a network secure from intruders. Simple firewalls can be implemented as software only; for larger businesses, firewalls may also include dedicated hardware for faster processing. Firewalls are widely used to give users secure access to the Internet as well as to separate a company's public Web server from its internal network.

Small businesses can prevent most of the problems mentioned above with the use of software firewalls. Some are available free of charge, while others are relatively inexpensive. A good firewall will be able to detect trojans, stop entry by hackers and prevent unauthorised network access. Unfortunately, firewalls are not entirely effective in preventing port scanning.

Securing your own PC

Even without special software, there are several steps you can take to make your home or office PC more secure from outside attacks. The exact steps you will take will depend upon the type of operating system you use, but all operating systems can be made more secure with the correct settings.

Settings which you should check include:

  • File sharing - If your PC is not connected to an office network, you don't need the file sharing features in Windows switched on. To learn how to disable these features, search for 'file sharing' in the Windows help system. This is particularly important if your PC is connected to a broadband network.
  • Browser security - Web browsers include adjustable security settings to protect your personal information. In Internet Explorer, these can be found under the Tools - Internet Options - Security menu.

The importance of real-world security

No e-security policy can be implemented using technology alone. Two important areas to consider are physical security and personnel policy.

Having a physical security policy for IT equipment is vital for protecting confidential data. You may need to consider approaches such as:

  • Ensuring your workplace IT equipment is stored in a secure and lockable location;
  • Keeping up-to-date logs of all equipment;
  • Taking out appropriate insurance policies and developing emergency repair plans;
  • Putting extra measures in place for notebook computers (such as encrypting all data stored on them); and
  • Making sure all staff are aware of security policies and report any suspicious activities.

You also need to recognise that internal staff can pose a greater security threat than external hackers, since they already have access to sensitive information. Measures you can take to minimise internal risks include:

  • Making sure passwords and access systems are revoked when staff resign;
  • Not giving any single member of staff complete access to all data;
  • Keeping logs documenting access to key business information;
  • Implementing and maintaining a strong password policy (further details on this can be found in the 'E-Security Technology Overview' at the end of this guide); and
  • Conducting regular internal security audits.

Conclusion

Protection against intrusions into your computer system by outsiders is an essential element of your e-security policy. A combination of suitable software (at a bare minimum, anti-virus and firewall products), along with sensible general business security policies, should ensure your business remains safe.

How to make it happen

Web addresses for some suppliers of anti-virus and firewall products are listed below. The Capability Directory of Electronic Authentication Technologies provides a fuller list of organisations that can help.

AusCERT, a single, trusted point of contact in Australia for the Internet community to deal with computer security incidents and their prevention, is a useful source of information on security threats, and provides businesses and consumers with early warnings and security alerts.

Standards Australia can supply a number of publications detailing IT security standards, which can be helpful when you are deciding on a general e-security policy. Although many of these standards were designed for large corporations, they can also be of enormous benefit to small and medium-sized enterprises. Standards Australia's publications offer a guide that individual organisations can pick and choose from.

Where to go online for more information

Free-Firewall.org - www.free-firewall.org

McAfee - www.mcafee.com

Internet Security Systems - www.iss.net

Symantec - www.symantec.com.au

Trend Micro - http://www.trendmicro.com/en/home/global/enterprise.htm

ZoneAlarm - www.zonealarm.com

Capability Directory of Electronic Authentication Technologies - http://www.aeema.asn.au/neac

AusCERT - www.auscert.org.au

Standards Australia - www.standards.com.au

If you are searching the Web on this topic, try the following search terms: antivirus (or anti-virus) software, firewall software, PC security, security policies.

 
Document ID: 19755 | Last modified: 6 February 2008, 10:50am