The Aurora attack – can you be safe from cyberattack in your business

Monday, January 18, 2010

The latest news items revolve around the quite large alleged attacks on Google (and other companies) from China. Mcafee on Operation Aurora

“Microsoft Internet Explorer that was used as an entry point for “Operation Aurora” to exploit Google and at least 30 other companies.” – Mcafee.

Microsoft posted this security advisory:
Microsoft Security Advisory (979352) – Vulnerability in Internet Explorer Could Allow Remote Code Execution

However, this is simply a continuation of larger issues.

When investigating cyberattack against businesses, we see an awful lot of sloppy security. Of course, not where most people expect it. Most everyone runs virus protection (sometimes 3 or 4 – I guess just to slow down their computers), firewalls (again sometimes 3 or 4! A corporate Firewall, then Windows Firewall, then McAfee or Norton as well!) Perhaps it’s fear of the unknown, perhaps it’s the old “more is better” concept. Try removing all those extra anti-virus and firewall apps, use one and make sure it’s working properly.

However, the real threats are not so much from random attacks. Real threats generally come from inside somewhere. Either an unhappy employee, or simple social engineering. I suspect both are at play in the Google attack. The weakest link in your corporate computer security often sits at one of your corporate computers drinking coffee.

Security always goes back to basics. Additionally, there is no security which is 100%. None. Well, ok there is one way – disconnect your computer from the ‘net and turn it off. That should protect you pretty well.

If, however, you feel the need to remain connected, then continue with the basics. Don’t panic over the little stuff. Here are some basic common sense security tips (which are amazingly not so common sense!)

• Change passwords regularly and use strong passwords.
• Change all important system passwords when employees leave.
• Backup backup backup. Store backups in multiple locations. Offsite if possible.
• If it’s important to your business, TREAT it as important!
• Let your IT people upgrade Internet Explorer. If you’re still using IE6 for business then you don’t care about your business. (or switch to an alternative browser)
• Hire professional IT people, and trust them.
• Let your IT professionals know of “odd” behavior. Sometimes it points to security issues that need to be addressed.

Finally, do your best, and understand that there are people, companies, and countries which do nothing but try to hack. Many are after information, so think seriously what you store and how. Ponder how you’ll feel if you find out Google lost vital information about your company.