

Keys to Thwarting Keystroke Loggers

Remember when hackers were a group of young thrill seekers and revenge getters? Now that hacking has evolved into a billion-dollar business, the motives behind cybercrimes have changed from “Let’s break into the school’s network to alter a grade” to “Let’s steal a Social Security number that can earn me $42 every time I sell it.” Knowing how hackers operate and how companies can be affected when they conduct business on the Internet can help you prevent IT fraud and stay one step ahead of Internet criminals.

Hackers operate through various means, including phishing (which was covered in detail in the February issue of Security Briefing), spyware, brute force programs, insider attacks and keystroke logging. This story will focus on identity theft via keystroke logging.

A keystroke logger (or keystroke monitor) is a program or hardware device that captures every key pressed on the computer. Hackers monitor keystrokes to obtain usernames, passwords, Social Security numbers and other personal information. The following is an illustration that shows exactly how it works:

[Figure: Keystroke Logger Diagram]

Companies that restrict administrative privileges by not allowing their users to install programs of any kind (software, music files, games, etc.) can protect themselves against keystroke logging. This step will help prevent the download of a keylogger. Likewise, you can help your customers avoid being victimized by advising them to keep their anti-spyware and anti-virus software up to date. Additionally, a company can help prevent its unsecured Web server from being affected by keystroke loggers through a comprehensive intrusion prevention system that defends its network and deters both targeted and random attacks. An intrusion prevention system may consist of signature deployment, anomaly detection, protocol recognition, behavior-based heuristics and human analysis of patterns.

So, what do you have to lose? If hackers use keystroke logging to steal your customer/member information, the result could be disrupted business, dips in productivity, compromised confidential information, lost money and damage to your reputation among your customers/members/investors.

For more information on protection from keystroke logging or SecureWorks in general, contact: 877-905-6661 or e-mail: info@secureworks.com.

News Roundup

BellSouth and SecureWorks Team Up to Deliver Robust Security Solutions

Communication giant BellSouth, a Fortune 500 company headquartered in Atlanta, recently announced that it has expanded its comprehensive IP services portfolio to include managed security services. The security solutions are delivered through a teaming arrangement with SecureWorks.

BellSouth Managed Security Services include network intrusion prevention, managed firewall, host intrusion prevention, vulnerability assessments and email encryption. BellSouth also offers a penetration test that simulates a network attack to determine the impact of potential security threats.

BellSouth is marketing the managed security services through its traditional sales channels. SecureWorks hosts the managed IT security services and provides 24x7x365 monitoring, reporting and technical support to BellSouth customers.

BellSouth Managed Security Services is available in multiple packages:

  • Bundled - with additional BellSouth network and equipment services
  • Security Suite - Managed Security Services portfolio with all five security features
  • Individual Solutions - single security services purchased according to customer need

For more information, contact SecureWorks at: 877-905-6661 or e-mail: info@secureworks.com.

IT Security & Emerging Technologies

Technology matures daily, bringing greater levels of productivity and efficiency into the reach of business owners, managers and employees alike and allowing them to break through the status quo to reach greater heights of success. The boom of the Internet has created a landslide of technology that continues to blanket businesses everywhere, allowing them to utilize their networks and the Internet to store, access and transfer information quickly, efficiently and inexpensively over thousands of miles or to the office next door. Yet the storing and sending of proprietary and sensitive data - the lifeblood of businesses - over internal networks or the Internet has intertwined risks that require caution.

Some of the emerging technologies now poised on the horizon today - bringing businesses greater success tomorrow - include Voice over Internet Protocol (VoIP), Service Oriented Architecture (SOA) and Biometrics. The decision to incorporate such technologies into daily operation should be made carefully, analyzing the benefits and risks involved. Fortunately, while reaching for success by utilizing such technology, you can take steps to secure not only your network, but also your clients’ confidence and trust.

  VoIP SOA Biometrics
Benefits
  • Lower overall cost
  • Dedicated handsets
  • Follow me voice messages
  • Seamless use
  • Easy implementation and integration
  • Improved features and performance of software
  • Cannot be forgotten or lost
  • Cannot be replicated
Risks
  • Single point of failure
  • Inappropriate Info sharing
  • Holes created in network
  • Difficult to identify and control
  • May not have security as priority
  • Difficult to implement
  • Database becomes target to hackers
  • Relatively expensive
  • Requires education and training for users
Safe Environment
  • Network Intrusion Prevention
  • Secure perimeter
  • Firewall
  • 24x7 monitoring
  • Security expertise
  • Network Intrusion Prevention
  • Host Intrusion Prevention
  • Vulnerability assessment
  • 24x7 monitoring
  • Security expertise
  • Security assessment
  • Network Intrusion Prevention
  • Host Intrusion Prevention
  • Vulnerability assessment
  • Firewall
  • 24x7 monitoring
  • Security expertise
  • Security assessment

SecureWorks Glossary

The SecureWorks glossary is a new feature of the Security Briefing that will help you define terms used in the IT industry.

Anomaly Detection

An approach to intrusion detection that establishes a baseline model of behavior for users and components in a computer system or network.  Deviations from the baseline cause alerts that direct the attention of human operators to the anomalies.
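
The baseline-and-deviation approach defined above, as an added example (not SecureWorks code): it builds a per-user baseline from constructed daily login counts, then flags observations that deviate too far from it or that come from a user with no baseline. The user names, counts, the 3-standard-deviation threshold and the minimum-deviation floor are all assumptions made for illustration.

```python
from statistics import mean, pstdev

# Constructed training data: daily login counts per user over one week.
BASELINE_EVENTS = {
    "alice": [3, 5, 8, 4, 6, 7, 2],
    "bob": [2, 2, 2, 2, 2, 2, 2],  # perfectly constant: std dev is 0
}

# Constructed observations for the following day.
TODAY = [("alice", 6), ("alice", 10), ("alice", 40),
         ("bob", 3), ("bob", 9), ("mallory", 1)]


def build_baseline(history, min_std=1.0):
    """Return {user: (mean, std)} from historical counts.

    The std dev is floored at min_std (an assumed value) so that a
    perfectly constant history does not turn every small change into
    an alert or cause a division by zero.
    """
    return {who: (mean(vals), max(pstdev(vals), min_std))
            for who, vals in history.items()}


def find_anomalies(baseline, observations, threshold=3.0):
    """Return alerts for values more than `threshold` standard
    deviations from the user's baseline, or with no baseline at all."""
    alerts = []
    for who, value in observations:
        if who not in baseline:
            # Unknown users cannot be scored, so hand them to an analyst.
            alerts.append((who, value, "no baseline"))
            continue
        mu, sigma = baseline[who]
        score = abs(value - mu) / sigma
        if score > threshold:
            alerts.append((who, value, f"z={score:.1f}"))
    return alerts


if __name__ == "__main__":
    for alert in find_anomalies(build_baseline(BASELINE_EVENTS), TODAY):
        print("ALERT", alert)
```

Each alert is only a pointer for a human operator, as the definition says; the threshold and floor trade missed deviations against false alarms and need tuning against real traffic.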

Brute Force Programs

Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies. Just as a criminal might break into, or "crack" a safe by trying many possible combinations, a brute force cracking application proceeds through all possible combinations of legal characters in sequence. Brute force is considered to be an infallible, although time-consuming, approach.

JavaScript

A scripting language developed by Netscape to enable Web authors to design interactive Web sites. Although it shares many of the features and structures of the full Java language, it was developed independently. JavaScript can interact with HTML source code, enabling Web authors to spice up their sites with dynamic content.
