Just what motivates the bad-guys to hack into a computer or network infrastructure? According to Stuart McClure, vice-president of operations, strategy for McAfee Inc.’s risk and compliance business unit, and one of the authors of the book Hacking Exposed: Network Security Secrets & Solutions, malicious intent, combined with design flaws, misused functionality and poor common sense are what cause these attacks to happen.
Speaking in Toronto yesterday, McClure revealed why and how hacking occurs. What’s heard so often is that attacks and exploits often occur as a result of malicious motives. But in addition to this, McClure says design flaws, misused functionality and poor common sense are other contributing and instigating factors.
To help prevent these hacks from happening in the first place or in the future, McClure suggests some actions that both individuals and businesses can take.
Sometimes it takes an attack, whether it is in the form of a worm, malware or privacy breach to become more security conscious and pro-active, he explained. Compliance regulations and deadlines will also lead to more acceptance and adoption of the appropriate security-related measures and solutions.
McClure discussed a number of different hack scenarios, one of which he says is called an SSLstrip exploit.
“This is performed over the network where ARP (Address ResolutionProtocol) poisoning or spoofing occurs,” he said. “When this happens, all of the Internet traffic that usually goes through the firewall and router, is actually being transferred somewhere else and it’s not encrypted. People think their information’s secure, but it’s really not because the traffic is being redirected.”
For channel partners, McClure says partners can offer live demonstrations to their customers, showing them just how easy it is to hack into a system. This should be done on the partners’ own systems and after their agreement too, he added. Partners should also work on building their credibility through metrics by quantifying and tracking their risk experiences over time.
“Everyone has to be involved and thinking the same way,” McClure said.
“Users need to be educated. Talking to the CSO (chief security officer) is a good place to start, and from there, talking to the CIO (chief information officer) and then the CEO.”
Michelle Warren, president of Toronto-based MW Research & Consulting, says it’s important that partners work to promote security awareness and change through education.
“Especially in Canada, many small businesses often wait for attacks, or they don’t do anything because it’s (compliance is) too expensive and takes a lot of time,” Warren said. “If partners do live demonstrations for their customers, they’d have to involve the vendor to help them out too.”
Warren suggests that an up and coming opportunity for security-focused partners will be in the wireless and handheld space.
“Because wireless rates are coming down and people usually show more impulsive behaviours on mobile devices, resellers can apply the same (security) measures on phones, as they would with computers,” she said.