'Cyberterrorists' could be in your own backyard

To your list of year 2000 worries, add the possibility that a disgruntled employee has put a virus or Trojan horse into your code as part of his Y2K "remediation" effort.

Scanning the remediated source code won't find the rogue software because it was added to your object code by a rigged compiler, according to security expert Alan Paller, research director at the SANS Institute in Bethesda, Maryland.

In a briefing to system and network administrators and security professionals here September 16, Paller outlined a number of scenarios -- some real, some hypothetical -- illustrating the risk systems face from "cyberterrorists." He demonstrated several powerful hacking tools that anyone can download from the Internet and apply with very little know-how.

Paller said consultants doing "penetration testing" for clients typically find from five to 30 vulnerabilities per system. But administrators are often so overworked that they patch only a fraction of the holes found, he said.

And administrators face other pressures. "Their bosses tell them, 'Just get this one project done and then you can get back on security fixes,'" Paller said. Complaining to management about a lack of resources to improve security "just sounds like whining," he added.

Paller said that SANS, an information security education and research group, recently teamed with security experts to map out some practical steps for improving security. They are developing a three-level scheme that will help users take the easiest but most important steps first, he said.
