Hack Attack ? How to Protect Your Computer Network - 3/28/2005 - Real Estate Education Training Schools Conferences

Hack Attack ― How to Protect Your Computer Network
By Jeff Johnson and Benjamin Harrison, IV, CMIT Solutions

The latest in a series of tech talks for builders.

What would happen if a computer hacker breached your network’s security? Could electronic terrorists steal or damage important company data? They certainly could wreak havoc on your staff for days on end.

And, in a worst-case scenario, hackers could drive you out of business.

The security of your office computer network is serious business and not something to be taken lightly.

Hackers may soon learn, if they haven’t already, that the best way to hit the building industry is right where it hurts — in its computer systems — which could make your business more of a potential target than you might realize.

Hacker Tactics and Preventative Measures

The following is an overview of tactics hackers use to attack computer networks — and what you can do to prevent them:

• Threat: Trojan Horses. These destructive programs often are disguised to look like real programs. They’re actually “hidden bombs” that wait to detonate on command. Trojan horses are programmed to listen for and respond to prompts from a remote system. They can also expose your computer or network to outside attacks.

Threat Level: Very High. A Trojan horse is an active threat. Many actively broadcast their location for others to exploit. Any type of Trojan horse opens up your system and lets hackers access your computer and network.

Prevention: Use server-managed anti-virus software coupled with a good firewall.

• Threat: Virus. A virus is a program that attaches itself to a program, a document or something else in your computer and replicates itself. Viruses can be simply annoying, or they can be malicious programs that delete the contents of your computer or upload confidential information to remote servers.

Threat Level: High. Anything that can potentially wipe out the contents of your computer is a serious issue that must be dealt with.

Prevention: Use server-managed anti-virus software coupled with a good firewall.

• Threat: Worms. A type of virus, worms get into your e-mail system and broadcast e-mails containing replicas of themselves to everyone in your address book. Worms can also find an opening in a network to admit outside traffic.

Threat Level: High. Worms can be damaging and hard to get rid of once they infiltrate your system. At the very least, they’re annoying.

Prevention: Use server-managed anti-virus software coupled with a good firewall.

• Threat: Spam Attack. A high volume of e-mail sent to your company.

Threat Level: High. A spam attack can cripple your company’s internal and external communications. If you use a Microsoft® Exchange server for your company’s e-mail, it can be overloaded and disabled. If your company uses an outside source, a spam attack can fill up your e-mail account and delay or stop legitimate e-mail.

Prevention: If you use a Microsoft® Exchange server, have your IT professional set proper limits on every mailbox to prevent an attack from disabling the server. This should be coupled with good anti-spam software that offers automatic spam attack detection and “zero hour” settings to immediately stop an attack in progress.

• Threat: Port Scanning. Often referred to as the equivalent of “jiggling doorknobs,” port scanning reveals open ports in your network to hackers. If they’re successful, hackers can break into any part of your computer system or install malicious code that disrupts your company’s work, destroys files or does something even worse.

Threat Level: High. If your system is hacked by someone who wants to harm your company, you must take action. If you’re lucky, perhaps it’s only a spammer who wants to use your e-mail system.

Prevention: A multi-tier firewall solution minimizes possible attacks. The first line of defense is a perimeter firewall appliance that “stealths” all unnecessary ports and monitors traffic to ones that must be open.

The second line of defense is a software firewall that monitors and controls how data sent to those ports can be used.

• Threat: Program Exploits. These are techniques designed to take advantage of a flaw or vulnerability in a piece of software (such as an operating system, Web browser or e-mail program). A popular exploit is buffer overflow, where a malicious application purposefully pours too much data into a buffer (a holding point for application data). This exposes system resources to attack.

Threat Level: High. Program exploits are the easiest way for low-level hackers to break into a system. Security flaws in software are often well publicized and certain kinds of software are predictably installed in most businesses.

Prevention: Make sure your network and computers are set up to receive automatic software updates via the Internet. These updates are common for Microsoft® Windows-based operating systems and many Web browsers and e-mail programs. They “patch holes” in previous software versions.

• Threat: Non-Technical Hacking. A hacker can easily gain access to your computer network by calling your office and asking for a password. The hacker usually poses as a representative of the company that provides your business with DSL service (high speed Internet service over phone lines) or perhaps someone from the IT department or corporate headquarters.

Threat Level: Medium. Inexperienced IT staff and computer consultants who focus on the technical side of network security tend to overlook this threat. Non-technical hacking can allow someone to access and perhaps permanently erase sensitive data.

Prevention: Implement a password rotation policy. Train staff about safeguarding sensitive information.

• Threat: Data Harvesting. People can do this by breaking into offices to steal computer hard drives, or by scavenging discarded computer systems, hard drives, tapes, CDs and other backup media.

Threat Level: Medium. Many companies routinely dispose of or donate their computers when they upgrade their hardware. It takes little technical skill to view the files on a hard drive. With a little more skill, passwords and other sensitive data can be extracted.

Prevention: Institute a policy of securely wiping all data from hard drives before they leave the building and storing all sensitive (or even better — all) data on one or more central servers.

• Threat: Denial of Service (DoS) Attack. This type of attack is designed to shut down a portion of your computer network. It’s like someone making prank calls who repeatedly hangs up the phone and calls again. DoS attacks tie up resources and prevent legitimate business from taking place.

Threat Level: Medium. These types of attacks can be coordinated to take down very large corporations. Smaller attacks can shut down your e-mail or Web server for a period of time. In some cases, systems may suffer long-term damage.

Prevention: Use a perimeter firewall application that can detect DoS attacks and block traffic accordingly. It should also include manual “zero hour” protection that allows your network to ignore data coming from an attacker.

• Threat: Dial-In Attack. A computer with a modem that connects to an outside telephone line can automatically answer incoming calls to that number. A hacker can “call” that computer and gain access to your network.

Threat Level: Medium. These attacks bypass your normal parameter security, allowing considerable access to your network. Luckily, fewer and fewer companies use modems connected to outside phone lines.

Prevention: Unplug modems from the outlet unless they specifically need to dial outside. Set the modem to ask for permission before answering. Have a good client-level firewall in place.

• Threat: Phishing. A fast-growing form of fraud, phishing describes a technique used to trick people into giving out passwords, financial information, important company data, etc. Requests for this information seem to come from trusted sources (e.g., the phone company, your Internet service provider, a credit card company, etc.). Hackers sometimes set up phishing Web sites that include logos and other elements to dupe people into thinking a legitimate, established company needs their information.

Threat Level: Medium. This scheme can allow hackers to access your network, make “purchases” on your company’s behalf, etc.

Prevention: Education is the first step to avoid being phished. Teach all staff about the dangers of phishing and the techniques hackers may use. Implement a password rotation policy and a policy about safeguarding sensitive information.

• Threat: Spyware. This threat consists of small software applications that usually are installed on your computer without your knowledge or permission. Spyware collects and reports passwords or other confidential data back to a remote server.

Threat Level: Medium. These programs can be damaging. They are often contained in free programs downloaded from the Internet.

Prevention: Use server-managed anti-adware software. Implement a strict policy about downloading and licensing software.

• Threat: Adware. Adware secretly tracks and gathers personal information and ships it to a remote server for purposes of generating targeted advertisements. It also degrades computer performance.

Threat Level: Low. Although adware reduces productivity due to system slowdown, long-term system damage is minimal. Most information gathered by adware is not linked to a particular company or person and cannot be used to do additional harm.

Prevention: Use server-managed anti-adware software.

You have lots of valuable company information stored in your systems — but are those systems secured against attack?

By taking action now and protecting your network, you may be saving your company for the future.

Jeff Johnson is co-owner of CMIT Solutions and Benjamin Harrison, IV, is a Level 3 Technician at CMIT Solutions. Based in Sacramento, Calif., CMIT Solutions provides computer and technology consulting services for small- to mid-sized businesses. For more information, contact CMIT Solutions at 916-984-6243, or by e-mail at SacCentral@cmitsolutions.com.

Earlier Articles in This Series

• To read, “Know Your Technology Needs Before You Invest,” Part 1 of this series, published April 14, click here.
• To read, “Strategic Planning Software Can Help Focus Your Business Model,” Part 2 of this series, published April 21, click here. 
• To read, “Does Your Planning Software Match Your Project's Sophistication?” Part 3 of this series, published May 5, click here.
• To read, “Don't Put the CAD Before Your Product,” Part 4 of this series, published May 26, click here.
• To read, “Manage Prospects and Buyers More Efficiently With Technology,” Part 5 of this series, published June 9, click here.
• To read, "Automate Your Selection and Change Order Processes,” Part 6 of this series, published on June 23, click here.
• To read, “Scheduling Software Can Improve Your Cycle Time,” Part 7 of this series, published on July 7, click here.
• To read, "An Effective Purchase Order System Enhances Efficiency," Part 8 of this series, published on July 21, click here.
• To read, "Don’t Fix New Software If It Isn’t Broken," Part 9 of this series, published on November 24, click here.
• To read, "Beware Software Consultants Who Are Salespeople in Disguise," Part 10 of this series, published on December 8, click here.
• To read, "Eight Ways to Drive Internet Leads and Sales," Part 11 of this series, published on January 12, click here.
• To read, "Excessive Web Site Graphics Can Stunt Sales," Part 12 of this series, published on February 2, click here.
• To read, "Don’t Let Your Comfort Level Dictate Future Tech Changes ," Part 13 of this series, published on May 17, click here.
• To read, "Tech Talk: Process Integration Levels Your Playing Field," Part 14 of this series, published on Aug. 9, click here.
• To read, "Tech Talk: The Time Is Right for Buying a Computer," Part 15 of this series, published on Aug. 30, click here. 
• To read, "Tech Talk: It Doesn't Hurt to Convert — If You're Prepared," Part 16 of this series, published on Dec. 6, click here.