356 big reasons for UK CIOs to switch to encrypted drives revealed

Basingstoke, October 2009 (Eskenzi PR) – Reports that UK chief information officers reported a whacking 356 data loss incidents in the last 12 months - approaching double the previous year's figure - should send shivers down the spine of any self-respecting IT security professional, says Andy Cordial, managing director of Origin Storage, the storage systems integration specialist.

"If you research into the figures, which were released by the Information Commissioner's Office under the Freedom of Information Act, you discover that 127 devices such as laptops were stolen and 71 incidents involved memory sticks, CDs and other data storage devices," he said.

"And, incredibly, despite the infamous high-profile HMRC disk loss incident (http://preview.tinyurl.com/yfdb7e7) in March, 2007, the data reveals that there were 24 incidents of data lost in transit via courier services in the year to September 2009," he added.

Cordial went on to say that, when you realise this compares with "just" 190 incidents a year earlier, you begin to appreciate the scale of data security losses in corporate Britain today.

If you said that UK PLC's IT systems were leaking data like a sieve, you wouldn't be far wrong, especially when you realise these incidents involved organisations whose CIOs were prepared to come clean on their problems, he explained.

The probability that many more CIOs are living in blissful ignorance of their underlings quietly sweeping data mistakes under a very deep-pile carpet is also extraordinarily high, he went on to say.

"Words like 'fiasco' and 'disgrace' spring to mind, but in some ways I feel quite sorry for the organisations whose IT systems have been shown to be about as secure as a paper bag on a windy day," he said.

"And with highly secure PIN-enabled AES-encrypted drives up to one terabyte in size now available in the market (http://preview.tinyurl.com/lr68jm), there really is no excuse for this situation. The affected CIOs should be ashamed of their staff," he added.

For more on the Software AG freedom of information revelations:

For more on Origin Storage: http://www.originstorage.com


IronKey response to BBC Watchdog's Wi-Fi insecurity claims

BBC Watchdog's Wi-Fi insecurities can easily be countered says IronKey

An in-depth report on BBC TV's Watchdog consumer affairs programme on Thursday evening (http://preview.tinyurl.com/ykps7tm) revealed how insecure thousands of the UK's Wi-Fi hotspots really are.

Colin Woodland, EMEA director of field operations with IronKey, highlights that many easy-to-use solutions exist to counter the problem.

“Entertaining though the Watchdog programme was, I think they got it wrong when they said that securing a laptop Wi-Fi session was technically tricky. Laptop security technology is no longer the domain of the techies as the technology is now easy to install and use for most laptop users.

"The Watchdog report referred to technically complex systems such as virtual private networks (VPNs) being a solution to the problem of Wi-Fi session eavesdropping and interception, but many solutions are a lot simpler than that," he said.

"Laptop Wi-Fi users simply need to use technologies such as a secured and trusted web browser, hardware-based session encryption, virtual keyboards and two-factor authentication or similar authentication technologies to ensure you - and only you - can log into a Web-based email session, with no chance of being intercepted," he added.

According to the secure flash drive specialist's director, whilst VPNs are technically complex to set up, private secure session technology and strong authentication technologies are easy to use and will help to make the man-in-the-middle type of attack shown on Watchdog impossible.

Using a trusted and self-contained web browser which is stored on a flash drive and securely encrypted until needed means that it cannot be tampered with to install malware or spyware.

Virtual keyboards - where a simple software plug-in to the Web browser allows users to tap in their IDs, passwords and other critical information by 'clicking out' letters and numbers on the computer's screen, rather than the keyboard - are always an excellent security option on any machine where there is a chance of malware being installed, said Mr Woodland.

The use of plug-in USB hardware-based encryption (https://www.ironkey.com/demo-personal) or similar technology, meanwhile - using a true random number generator and very secure hardware-based encryption to outfox would-be data thieves - can also be used to secure an online session, he went on to say.

"These simple to use security building blocks can help to ensure that laptop and netbook data sessions - no matter what the underlying data technology is being used - are secure from prying eyes," he concluded.

For more on the BBC TV Watchdog Wi-Fi security revelations: http://preview.tinyurl.com/ykps7tm

For more on IronKey: www.ironkey.com

Eskenzi PR


Hotmail, Gmail and Yahoo Scams

by Michael Smith (Veshengro)

The phishing scams that extracted, for lack of a better word, the passwords of the g-ds only know how many accounts on those, and maybe even other, email servers prove yet again that users are basically clueless as to cybersecurity, despite all the regular warnings everywhere, including on radio and TV in some places.

Time and again it simply amazes me how gullible users are and how they still think that providers (and banks) send them emails of the kind that were used in this scam, and similar that are used in the usual banking scams, that ask for passwords – and in the case of banks PINs and such.

Why, and this is beyond my comprehension, does it seem to be so difficult for users to understand even the most basic principles of online security? It is not rocket science, but to most users it might as well be.

The same goes for anti-virus software, where some users do not have the faintest idea, so it would seem, that it is no good just having such software installed on the computer without ever updating it.

As to such scams where the criminals phish for personal information, passwords and other such data: no proper email provider, nor Facebook, Twitter, any financial institution or any other service provider, will ever send out emails asking for a password or asking a user to verify his or her password.

Also, if you receive an email that tells you you have won a lottery at home or abroad, then that, you can rest assured, is also a scam and a phishing attempt. First of all, it is a lottery you have not entered and cannot have entered, and secondly I have yet to see a lottery company that actually takes your email address. So, those emails are fakes, believe me, and are meant to trick you into giving away personal security information.

Cybersecurity, in its basic form, is not rocket science but very much a case of common sense.

In the same way as one does not hand one's credit or debit card PIN to anyone, not even to employees of the bank – even if they should ask for it (they have no right to do so, by the way) – neither does one do that with one's passwords to online services, computers, and so on, anywhere.

But, as they say, there is one born every minute.

© 2009


AVG Goes Back to Basics with AVG 9.0

New product offerings deliver 50 percent faster speed, improved performance, and ease of use, with industry’s only free identity theft protection

Amsterdam, October 2009 - AVG Technologies, developers of the world’s most popular free anti-virus software, today announced that its family of free and paid internet security products, AVG 9.0, would be generally available to the market in October 2009. Boosted by significant enhancements in speed and levels of protection, AVG 9.0 is also easier to use and improves end user experience. Additionally, all AVG users in the U.S. will benefit from a groundbreaking identity theft offering, powered by a partnership with Intersections Inc., North America’s leading and most innovative provider of consumer identity theft prevention solutions which has served more than 25 million consumers. AVG’s new technology products ensure that users are safe in whatever online or offline activities they undertake.

“AVG 9.0 will provide home computer users with a more powerful and more streamlined solution that adds protection without impacting user experience, taking us back to our core strength of low impact, high performance security,” said J.R. Smith, CEO, AVG Technologies. “We’ve always believed that everyone has the right to a safe online experience. With AVG 9.0, we are providing first-class assistance to our users in their development of tools and measures for their safety from all of the threats posed by cybercriminals and identity thieves, whether they’re working, playing, banking or shopping on the web.”

AVG 9.0 Delivers Speed and Layered Security Protection

Because AVG knows scanning time is critical to its customers, scan optimization is a top priority for AVG 9.0’s combined anti-virus/anti-spyware scanner, which employs new technology. This marks files as safe or potentially unsafe during the initial scan, and skips the safe files in future scans unless the file structure changes. As a result, users experience dramatically reduced scan times – by up to 50 percent depending on system configuration – as well as improvements of 10 to 15 percent for boot times and memory usage. In addition, in order to face the increasing threats of today’s online world, AVG 9.0 combines all modern technologies to optimize real-time protection. Starting with the foundation of signature-based protection to deal with known threats, AVG 9.0 builds on top of that behavioral, in-the-cloud, and whitelisting technologies to address the tens of thousands of new threats daily.
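The skip-safe-files behaviour described above rests on two decisions a practitioner would want made explicit: what counts as "the file changed", and what happens to cached verdicts when the signature set changes. The following added example (not AVG's code; the marker bytes, the version tag and the files are constructed) implements a scan cache keyed on a content hash and stamped with a signature version, so that a modified file or an updated signature set triggers a full rescan while unchanged, previously safe files are skipped.

```python
"""Scan-result caching with change detection (added example, not AVG's code).

A file is skipped on later runs only if its content hash is unchanged since it
was last judged safe by the current signature set; anything new, modified, or
judged under an older signature version is scanned again.
"""
import hashlib
import os
import tempfile

# Constructed stand-in for a signature database. The version tag is stored with
# every cached verdict so that a signature update invalidates old "safe" results.
SIGNATURE_VERSION = "2009-10-01"
KNOWN_BAD_MARKERS = [b"CONSTRUCTED-MALWARE-MARKER"]


def sha256_of_file(path, chunk_size=1 << 16):
    """Content hash used as the change detector: one sequential read, no matching."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def full_scan(path):
    """The expensive step: match the whole file against every signature."""
    with open(path, "rb") as f:
        data = f.read()
    return "unsafe" if any(m in data for m in KNOWN_BAD_MARKERS) else "safe"


def scan_tree(root, cache):
    """Scan every regular file under root, reusing cached safe verdicts.

    cache maps path -> (sha256, signature_version, verdict) and is updated in
    place. Returns path -> (verdict, was_rescanned). Only "safe" verdicts are
    ever reused: an unsafe file is scanned on every run.
    """
    results = {}
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            digest = sha256_of_file(path)
            cached = cache.get(path)
            if cached == (digest, SIGNATURE_VERSION, "safe"):
                results[path] = ("safe", False)   # unchanged since last safe verdict
                continue
            verdict = full_scan(path)
            cache[path] = (digest, SIGNATURE_VERSION, verdict)
            results[path] = (verdict, True)
    return results


def demo():
    """Constructed walkthrough: returns how many files were fully scanned on
    each of four runs, plus the final verdict of the file that was modified."""
    with tempfile.TemporaryDirectory() as root:
        report = os.path.join(root, "report.txt")
        notes = os.path.join(root, "notes.txt")
        with open(report, "wb") as f:
            f.write(b"quarterly figures, nothing suspicious\n")
        with open(notes, "wb") as f:
            f.write(b"meeting notes\n")
        cache = {}
        run1 = scan_tree(root, cache)          # cold cache: both files scanned
        run2 = scan_tree(root, cache)          # nothing changed: both skipped
        with open(notes, "ab") as f:           # modify one file
            f.write(b"CONSTRUCTED-MALWARE-MARKER\n")
        run3 = scan_tree(root, cache)          # only the changed file rescanned
        run4 = scan_tree(root, cache)          # unsafe verdicts are never cached
        counts = tuple(sum(r[1] for r in run.values()) for run in (run1, run2, run3, run4))
        return counts + (run3[notes][0],)


if __name__ == "__main__":
    print(demo())  # (2, 0, 1, 1, 'unsafe')
```

Keying the cache on size and modification time alone would be cheaper than hashing, but timestamps are under the control of whatever wrote the file; a content hash costs one read and cannot be satisfied by a file whose bytes differ. Unsafe verdicts are deliberately never reused, so a flagged file is re-examined on every run, and a bumped SIGNATURE_VERSION forces a full rescan of everything.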

Revolutionary in AVG 9.0 is the integration between the Resident Shield, firewall, and identity protection modules. This enables the modules to share malware information with each other, increasing AVG’s ability to detect and remove most malicious types of malware, rootkits, and ID Theft threats, for which signatures have not yet been issued. The firewall enhancements include a complete redesign to reduce intrusive firewall ASK dialogues by 50 percent. This also makes the firewall application significantly quieter and less intrusive, as its new trusted database of applications and application certificates allows the application, without user intervention, to see whether it is safe to allow communication of the application or if it should be blocked. Additionally, because the new firewall works behind the scenes with the behavioral detection technology in the AVG Identity Protection module, it can deliver one of the most accurate detection levels of new and unknown threats.

Additionally, AVG 9.0 delivers improved anti-phishing detection through enhancements to its LinkScanner offering, which can now more quickly and accurately determine whether or not a web page is hosting a phishing attack. This is accomplished by allowing the software to apply more than 100 different potential threat indicators to a page. If the result is inconclusive, LinkScanner then makes a call to the cloud to check a multitude of phishing feeds plugged into the AVG research network to make a final determination regarding threat potential.

AVG 9.0 delivers a solution that is laser focused on user concerns and protection, and is marked by a new look and feel designed to significantly improve user experience and ease of use. Responding to customer feedback, the AVG installation process has been shortened by 50 percent and the user protection process is dramatically simplified. Finally, it is also significantly easier for users to detect and remove any third-party security product that could cause conflicts with AVG 9.0 and interfere with the user’s level of protection.

AVG Gives Users Additional Tools to Fight Identity Theft

According to the 2009 Federal Trade Commission report, as many as nine million Americans have their identities stolen yearly and more than a quarter of the more than 1.2 million complaints received during the 2008 calendar year involved identity theft. Because identity theft takes many forms, from online fraud when shopping and banking on the web to offline fraud when paying a bill at a restaurant or shopping at a store, AVG now provides additional protection against identity theft in the physical world, the AVG Identity Theft Recovery Unit.

Added Smith, “Our addition of the identity theft protection and support services is game changing for the security space, as no other vendor is addressing this critical issue with an offering to its customers, free of charge. This is further evidence of AVG’s unparalleled commitment to its customers.”

The Identity Theft Recovery Unit is a service that will provide AVG customers in the US who have been a victim of identity theft with support from a team of dedicated identity theft recovery experts to help resolve issues, free of charge. AVG is the only security vendor to offer this type of unique service for free to its customers, which will be accessible through the AVG Security Toolbar. AVG sees this as an extension of its ability to provide users with the latest technologies that keep them safe while using the Internet and ensure they are protected from today’s threats. If an AVG user believes they may be a victim of identity theft, they will call the Identity Theft Recovery Unit. Intersections’ experienced fraud specialists will consult with the customer, to help them determine if they have, in fact, become a victim. And, if so, they will obtain and review the customer’s credit reports and enroll them in daily credit file monitoring and alerts for six months. In addition the specialists will work with the victim in wading through the bureaucracy of paperwork required by government agencies to re-establish their identity.

Availability and pricing

The complete AVG 9.0 paid family of consumer products is available now at www.avg.com/home-and-office-security. Pricing for a one-year, one-seat license for AVG Anti-Virus 9.0 starts at $34.99 and a two-year, one-seat license for AVG Anti-Virus 9.0 starts at $51.99. AVG Free 9.0 will be available mid-October and will be able to be downloaded at www.free.avg.com.

For more information on the complete range of AVG security products for consumers and small businesses, please visit www.avg.com.

Keep in touch with AVG

For up-to-the-minute news on the latest cyberthreats:

For general AVG updates:


SQL injection attack likely to blame for the Guardian site hack

Imperva attributes Guardian site hack to application level weaknesses.

26th October 2009 (Eskenzi PR) - The old security chestnut of SQL injection weaknesses may well be the cause for the weekend high-profile hacking of the Guardian Jobs Web site, says Imperva, the data security specialist.

Amichai Shulman, Imperva's chief technology officer, said that the most eye-catching feature of the site hack is the use of the phrase 'sophisticated and deliberate attack.'

"Our experience shows that 'sophisticated attack' is usually a pseudonym for 'SQL Injection', although I must admit that an initial glimpse into the site hints that it may actually be a more sophisticated hack than the usual," he said.

"At the end of the day, however, I don't think that it's much more than SQL Injection, sophisticated or otherwise," he added.

"If it were a Trojan-based attack (as happened in the TJX site hack - http://preview.tinyurl.com/ywdxf7) then they would have stated it by now and used a different wording like 'hackers who managed to break into the Guardian network.'"

According to Shulman, if, as seems likely, an SQL injection attack was to blame for the Guardian site hack, then tagging it as `sophisticated' might be a bit misleading, though not uncommon.

Organisations, he explained, have a tendency in such incidents to attach superlatives to the attack techniques used in a compromise in order to diminish their own responsibility.

"The only positive thing one can say is that the Guardian is not itself to blame, as the BBC news report on the incident refers to a third party company supplying the service. This is small comfort to site users, however, who will now be worried about identity theft issues," he added.
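The "old security chestnut" Shulman refers to is, at root, request data being joined into SQL statement text. The following added example (not Imperva's or the Guardian's code; the applicant table and its rows are constructed, and nothing on this page says how the Guardian Jobs site was actually built) shows the same lookup written both ways and what happens when the input merely contains an apostrophe: the string-built form hands it to the SQL parser, while the parameterised form keeps it as data.

```python
"""String-built SQL beside its parameterised form (added example; the schema
and rows are constructed and unrelated to any real job site).

The first form splices the caller's value into the statement text, so any
quote character in the value reaches the SQL parser; the second sends the
value to the driver separately, so it can only ever be data.
"""
import sqlite3


def make_db():
    """In-memory stand-in for a job-site applicant table (constructed rows)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE applicants (id INTEGER PRIMARY KEY, name TEXT, email TEXT)"
    )
    conn.executemany(
        "INSERT INTO applicants (name, email) VALUES (?, ?)",
        [("Ada Lovelace", "ada@example.invalid"),
         ("Conor O'Brien", "conor@example.invalid")],
    )
    return conn


def find_email_unsafe(conn, name):
    """Vulnerable form: the value becomes part of the SQL text."""
    sql = "SELECT email FROM applicants WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def find_email_safe(conn, name):
    """Hardened form: '?' is a placeholder; the value is bound, never parsed."""
    sql = "SELECT email FROM applicants WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (name,))]


def compare(name):
    """Run both forms on the same input.

    Returns (unsafe_result, safe_result); if the unsafe form breaks the
    statement, its result is the exception class name instead of a list.
    """
    conn = make_db()
    try:
        unsafe = find_email_unsafe(conn, name)
    except sqlite3.Error as exc:
        unsafe = type(exc).__name__
    return unsafe, find_email_safe(conn, name)


if __name__ == "__main__":
    print(compare("Ada Lovelace"))   # (['ada@example.invalid'], ['ada@example.invalid'])
    print(compare("Conor O'Brien"))  # ('OperationalError', ['conor@example.invalid'])
```

A legitimate surname is enough to show the boundary problem: the string-built statement fails to parse as soon as the value contains a quote, which is the same property an attacker relies on, whereas the bound parameter is never interpreted as SQL. Parameterisation fixes the cause rather than filtering symptoms; a reviewer auditing an application after an incident of this kind looks for every place where concatenation or string formatting builds a statement from request data.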

For more on the Guardian site hack: http://preview.tinyurl.com/yfjectu

For more on Imperva: http://www.imperva.com


Guardian hack shows Web portals becoming prime target of cybercriminals

Finjan says controlled access Web portals now prime target of cybercriminals

Farnborough, United Kingdom – 26th October 2009 (Eskenzi PR) - As news of the Guardian web site hack broke on Sunday, Finjan, the business Internet security specialist, said that identity information on consumers and companies continues to be a prime target for criminal hackers.

"As we identified back in May of last year (http://preview.tinyurl.com/ykml7ef) - when our researchers discovered a Crimeserver containing more than 1.4 gigs of data on individual and business credentials - data that can be assembled for use in identity theft kits has been right up there on cybercriminals' shopping lists for some time," said Yuval Ben Itzhak, Finjan's chief technology officer.

"Although top Web sites have been - and continue to be - targeted by cybercriminals, those sites that store identity information will continue to be a primary target, especially now that criminal hackers are being affected by the economic situation we all find ourselves in," he added.

And with the holiday season now starting in earnest, he went on to say, IT managers will be under immense pressure to maintain the status quo on their security, so it is important that managers make full use of the automated technology at their fingertips to help stop hacker incursions into their site data.

Securing Web applications with web application firewalls and securing the backend database with database security tools, he explained, are a logical way of preparing to defend those IT resources that contain personal and business data.

But, he went on to say, security vendors have reported on additional attack vectors such as the theft of administrator FTP server credentials, which are then later used by cybercriminals to penetrate even more highly secure Web sites.

"Usually, cybercriminals are using this type of stolen data to create fake identities, as well as generating spam plus phishing attacks, as well as many other scams," he said.

"Auctioning stolen identity information is another technique that our researchers have spotted. It's also worth noting that the Guardian portal is not alone in being attacked by cybercriminals, as other US job sites have also been hit using this hacker methodology," he added.

For more on the Guardian Web site attack: http://preview.tinyurl.com/yfsttak


Finjan warns companies as China prepares for cyber-espionage

Farnborough, United Kingdom – October 2009 (Eskenzi PR) – A report commissioned by a US Congressional advisory panel monitoring the security implications of trading with China has warned that China has started spying on the US government and major companies.

And, says Finjan, the business Internet security specialist, now is the time for companies to start beefing up their IT security defences to stop them falling victim to what appears to be a rash of impending cyber-espionage from the Far East.

"Many cyber attacks and hacker incursions into Western IT systems in recent years have been implicated as originating from China. Obviously it's hard to prove beyond a shadow of a doubt that the government there is involved in these attacks; however, according to the report, it's quite likely that the government is active in this domain," said Yuval Ben Itzhak, Finjan's chief technology officer.

"It's against this backdrop that we've been conducting investigations into Chinese attacks on Western public and private-sector IT systems for some time," he added.

According to the Finjan CTO, his company's malicious code research centre (MCRC) conducted an in-depth study into the rising volume of attacks emanating from China and reported that there were some very sophisticated attacks taking place.

In the study (http://tinyurl.com/yfsfdzu), he explained, Finjan's research team found at least one set of attacks coming from a server group that belongs to a Chinese government office.

Researchers, he said, discovered that some sites in the network lead to Trojan sites that exploit the users' Web browser software by downloading the Trojan and installing it on the user desktop.

Once the user's PC has been infected, he went on to say, the Trojan then starts to send data to other Web sites on the Internet-connected network.

Additional sites in the network, meanwhile, were found to monitor and control the attack using statistics as to how many users visit the site and how many got infected.

"And that was two years ago, so you can imagine that the Chinese hacker attack groups - regardless of who they are affiliated to – have increased in their level of technology sophistication, so this report serves as a clear warning to companies of the need to review and enhance their IT security defences," he said.

“Tools and products to fight against the increasing cybercrime from China are available for US businesses and individuals. The reason many businesses are becoming victims of these attacks is the lack of knowledge and the false belief that their existing firewalls and anti-virus can do the job for them. Although that was the case five to ten years ago, since cybercriminals introduced new attack techniques, firewalls and anti-virus are not enough to stop today’s cyber attacks.”

For more on the US government-commissioned report into cyber-attacks and espionage: http://tinyurl.com/ygcmh9b


AVG LinkScanner adds real-time protection to your browsing

AVG LinkScanner adds real-time protection whether you use Internet Explorer or Firefox

by Michael Smith (Veshengro)

There are a number of tools that do a great job of cleaning up after a spyware or scareware infection, or even after a Trojan has gotten through. Wouldn’t it be great, however, to prevent this sort of thing before it happens?

Anti-virus vendor AVG Technologies (Grisoft) is hoping that by releasing its LinkScanner technology as a free, standalone product it will be able to help protect us from an expanding online threat.

Since most email is protected by ISPs, so some reckon, and users are getting smarter about using anti-virus software and firewalls, most malicious code is now distributed via web site visits. A computer can be infected by a so-called “drive-by download” just by visiting an infected site.

Some vital stats are:

  • On any given day, some two million web pages are poisoned by hidden threats.

  • 60 percent of malicious web sites appear for less than one day.

  • Real-time scanning is critical as relying on a database of known URLs isn’t sufficient protection.

AVG LinkScanner is not new, but previously you could only get it as part of the AVG Anti-Virus or Internet Security products, and it was only part of the paid-for tools.

But now you can add this functionality to your security toolbox, even if you use other security products, and it is for free.

At the heart of LinkScanner is technology that analyzes web links in real time and determines whether they pose a threat. If they do, it is said to prevent you from downloading those pages. Now, I cannot vouch for that because I am not about to try. When the scanner tells me there is a link it is not happy with and marks it red, I am not about to try to get past that and endanger my system.

It also works in conjunction with major search engines to give you a visual indicator on the safety of the links returned in the search results. Green check marks indicate you are safe to click through.

In addition it will also secure links in web mail services – it works well in Yahoo Mail – and also on Twitter. It does not, as yet, seem to work with Facebook, for instance, and it is there where we could do with it as well.

You may remember when AVG 8.0 was released that there were some slow browsing issues reported, related to LinkScanner.

Since then, optimizations have been put in place to minimize that side effect, including a fix to resolve an issue with Windows Vista.

I have had it installed since they released it, and while there are others who say they have not noticed any perceptible slowdown, I have to say that on some sites, such as Google and Twitter, it can take quite a while before the scanner gives its ratings.

However, I would rather accept a little slowdown than have my system compromised and infected by malware.

LinkScanner runs on both Windows XP and Vista (32 & 64bit versions) and is a free download for non-commercial use.

© 2009


Kingston Increases Speed on DataTraveler 410 USB Flash Drive

Faster Read/Writes Follow Speed Increases on Consumer-Level USB Drives

London, UK (Catalysis) – Kingston Technology Europe Ltd, a subsidiary of Kingston Technology Corporation, today announced it is increasing read and write speeds on its Kingston DataTraveler® 410 USB Flash drive to 20MB/sec. read and write. Shipping in capacities up to 32GB, the speedy DataTraveler 410 allows for faster file transfers and is password protected to help keep data secure.

The faster read and write speeds make the DataTraveler 410 the ideal drive for high-definition photos, large documents, presentations, music, videos and other data. It includes SecureTraveler software, which allows users to create and access a password-protected area of the drive called the “Privacy Zone.”

The increased data transfer rates of the DataTraveler 410 follow a recent speed bump of the higher capacities (16GB and 32GB) of Kingston’s consumer-level DataTraveler I G2, DataTraveler 101 and DataTraveler 112 drives to read and write speeds of 10MB/sec.

Kingston DataTraveler USB drives are backed by a five-year warranty and 24/7 tech support. For more information, visit www.kingston.com.

DataTraveler 410 Product Features and Specifications:

  • Capacities: 4GB, 8GB, 16GB, 32GB
  • Dimensions: 2.58" x 0.71" x 0.41" (65.76mm x 17.98mm x 10.7mm)
  • Fast: data transfer rates of up to 20MB/sec. read and 20MB/sec. write
  • Operating Temperature: 32° F to 140° F (0° C to 60° C)
  • Storage Temperature: -4° F to 185° F (-20° C to 85° C)
  • Simple: just plug into a USB port
  • Practical: capless swivel design protects USB connector; no cap to lose
  • Guaranteed: five-year warranty
  • Safeguarded: includes SecureTraveler security software for Windows
  • Enhanced: for Windows ReadyBoost™ on Vista-based systems

Some of the listed capacity is used for formatting and other functions and thus is not available for data storage. For more information, please consult Kingston’s Flash Memory Guide at www.Kingston.com/Flash_Memory_Guide.

The speed may vary due to host hardware, software and usage.

Those with administrative rights can protect corporate data by creating a partition on the drive for additional security with SecureTraveler.

Although DataTraveler 410 is enhanced for ReadyBoost, SecureTraveler will not operate properly if ReadyBoost cache is enabled on the drive. However, you may enable ReadyBoost cache on a separate drive.


Parkeon keep Hackers at Bay with Application Security Software

Fortify Software Chosen by Parkeon to keep Hackers at Bay

(Eskenzi PR) – Parkeon, one of the world’s largest parking and transport management solution providers, present in 40 countries, has announced that it is using Fortify Software’s expertise to check its latest state-of-the-art electronic ticketing solutions to ensure the software is secure and vulnerability-free. The ticketing systems and software, designed and built in-house, are being checked with Fortify’s award-winning software and expertise to ensure that when they go to market they meet stringent compliance standards and recent regulations such as PCI DSS and PA-DSS.

Parkeon is world renowned for its parking and transport management solutions, and has developed over 150 software systems, processes 550,000 payment transactions per month and centrally monitors 21,000 terminals. It was therefore essential, at the very early stages of designing its latest electronic ticketing and transaction product, that the developers were building stringent and secure software, with code that was watertight, free of flaws and would prevent any future hacking incident or breach. Fortify’s expertise was engaged very early in the development process; it was a natural choice, being the application security and testing provider chosen by government, armed forces such as the US Air Force, major banks such as ABN AMRO and JP Morgan, and many of the Fortune 500 companies.

Parkeon are now on target to move quickly through the audit process that will test that their latest innovative and cutting edge payment systems are secure for the customers waiting to use them.

Luc Porchon, at Parkeon, said “We have clients all around the world who currently use our products and the market has needed a reliable and secure payment system. We decided in order to provide one that we trusted and would be up to the demands and scrutiny that our clients required, we would need to design and build it in-house. With the latest compliancy regulations it was imperative from the very early stages that our software was secure and bug free. Using Fortify’s expertise to test our software right at the code development stage for vulnerabilities and then removing those flaws has been essential in getting our product to market on time. We will continue to use Fortify software to test all our software to make sure it is secure at all times.”

Gael Barrez, Country Manager for France, said “For the last 3 months we have been consulting with Parkeon to check and scrutinize their software to make sure that it gets through the stringent standards expected of the latest PCIDSS and PADSS standards.

Our latest software can quickly and easily check all code at source to test for flaws and then seal any vulnerabilities, which are what most common hackers are looking for in order to breach a system. We are satisfied that, using our award-winning software, Parkeon will be able to bring its excellent and very exciting new secure payment systems to market on time and on budget.”

Fortify®'s Software Security Assurance products and services protect companies from the threats posed by security vulnerabilities in business-critical software applications. Its software security suite, Fortify 360, drives down costs and security risks by automating key processes of developing and deploying secure applications. Fortify Software's customers include government agencies and FORTUNE 500 companies in a wide variety of industries, such as financial services, healthcare, e-commerce, telecommunications, publishing, insurance, systems integration and information management. The company is backed by world-class teams of software security experts and partners.

Parkeon is a key player in urban mobility. Thanks to the wide-ranging services it offers, which are unique in terms of parking and transport management, Parkeon is today present in 40 countries. Its capacity for continual innovation has been displayed throughout its 35 year history. Parkeon systems and equipment facilitate management and mobility in over 3000 towns and cities. The leader in ticketing and systems for parking and transport payment, Parkeon employs more than 1100 staff around the world and registered a turnover of 176 million euros in 2008. Based in Europe, the company is present in France, where its head office is located, in Australia, Belgium, Germany, Italy, Spain and the UK, and in the USA. It relies on an international network of partners to cover other markets.


Research Shows Companies Still Struggle to Protect Consumer Credit Card Data

Ponemon Institute and Imperva Survey Shows Companies Still Struggle to Protect Consumer Credit Card Data

71% of companies do not treat PCI as a strategic initiative —yet 79% have experienced a data breach

55% do not secure Social Security numbers, driver’s license numbers, and bank account details; Consumers are more at risk with smaller businesses

Data security leader Imperva provides recommendations to consumers, businesses and PCI DSS Council in advance of the Oct 31st deadline

(Eskenzi PR) – Imperva and the Ponemon Institute today announced the findings of a survey across more than 500 U.S. and multinational IT security practitioners showing that, despite the Payment Card Industry’s (PCI) Data Security Standard (DSS), companies still struggle with data security, putting consumers at continued risk for identity theft. In fact, 71% of companies surveyed admit to not making data security a top strategic initiative, and 55% admit to only securing credit card information and not sensitive information such as Social Security numbers, driver’s license numbers, and bank account details. However, the survey also found that companies taking a strategic approach to PCI compliance have fewer data breaches. Based on these findings, Imperva is making specific recommendations to consumers, businesses and the PCI DSS Council to improve the safety of consumers’ personal information.

The PCI DSS standard was put into effect to provide security guidelines to all businesses that handle credit card information, in order to better protect consumers. Since it was enacted in June 2005, the number of data breaches and the amount of credit card fraud have continued to rise.

According to the survey of more than 500 U.S. and multinational IT security practitioners at companies with an average of $5.6 billion in annual revenue:

71% of respondents do not treat PCI as a strategic initiative, yet 79% have experienced a data breach involving the loss or theft of credit card information.

55% of respondents focus only on credit card data protection and do not attempt to secure sensitive information such as Social Security numbers, driver’s license numbers, bank account details and other data about people and families.

60% of respondents don’t think they have sufficient resources to comply with PCI and bring about a necessary level of cardholder security.

“Nobody is in business to be compliant. But there is a silver lining to this survey: if you protect consumers as required by the PCI DSS standard, there is an incredible opportunity to improve your overall security posture,” said Shlomo Kramer, Imperva’s CEO.

“Security departments are using PCI compliance as leverage to gain more budget, but these resources are not always translating into greater security for sensitive customer data,” said Larry Ponemon, chairman and founder, Ponemon Institute. “The results of our study indicate that while some companies have figured out how to convert PCI standards into an overall security mandate—many more have not.”

Smaller businesses struggle the most

The survey found that only 28% of smaller companies (501-1000 employees) comply with PCI as opposed to 70% of larger companies (75,000 or more employees).

“Companies devote 35% of their IT security budgets to PCI compliance on average, making cost a significant obstacle, especially for smaller companies,” explained Amichai Shulman, Imperva’s CTO. “This is why Imperva is recommending that the PCI DSS Council modify the requirements for larger and smaller companies to take into account different environments and security needs.”

“The PCI Security Standards and the card brands must update the PCI-DSS so that it’s risk-based, depending on the system configuration of the complying company. The ‘one size fits all’ approach of the current standard imposes unreasonable requirements on many companies that have simple networks, or have implemented security technologies that aren’t included in the PCI standards, but provide equal or greater levels of protection,” said Avivah Litan, Vice President and Distinguished Analyst with Gartner Research in a May 2009 report, “Moving Beyond PCI at Visa’s Global Security Summit.”

Companies that take a strategic approach to PCI compliance have fewer data breaches

The PCI DSS standard has the potential to make a powerful impact on corporate IT security initiatives. The survey shows that 27% of companies believe that PCI-DSS compliance is positively contributing to their organizations’ security posture and are taking a strategic approach to compliance. In fact, companies that were fully PCI compliant had fewer breaches than those that were not compliant. However, the majority (73%) of respondents have achieved PCI compliance using a basic, checklist approach.

Imperva’s recommendations to consumers, businesses and the PCI DSS Council

To coincide with the October 31st deadline for input on changing PCI-DSS standards, Imperva is providing recommendations to consumers, businesses and the PCI DSS Council.

For PCI-DSS Council:

Have a compliance logo for consumers. Today, companies can’t articulate their security efforts to consumers, and consumers are not aware of the compliance status of the retailers they do business with. As a consequence, companies cannot leverage their investment in PCI compliance to gain competitive advantage.

Modify compliance needs for larger and smaller companies. Smaller companies need to have a modified standard that takes into account different environments and security needs.

Consumer recommendations

Look for PCI-compliant companies. In general, companies that were compliant suffered fewer breaches. Although compliance doesn’t guarantee perfect security, it improves the odds.

Business recommendations

Use PCI to bring about a broader, more effective security program.

Use PCI as a way to get senior management aware of and involved in IT security. PCI creates a business case that is tightly coupled to information security.

Assign a clear champion who owns and drives both PCI and security, and who is strongly empowered to direct the numerous teams whose support is needed. Without a clear champion, security—and compliance—will suffer.

For more information

Listen to Imperva’s Chief Security Strategist Brian Contos interview Dr. Larry Ponemon in a podcast or download the transcript.

Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. Over 4,500 of the world’s leading enterprises, government organizations, and managed service providers rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment. For more information, visit www.imperva.com.

The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries. Visit the Ponemon Institute at www.ponemon.org.


The largest IT companies in the world use Storage Expo to showcase their latest products

(Storage PR) Storage Expo, taking place on the 14th – 15th October at Olympia in London, is established as the event where new technology is launched for the data storage and information management markets. The 2009 event continues this precedent, with many of the largest IT companies in the world using the event as a showcase for their latest products. www.storage-expo.com

According to Natalie Booth, Event Director, “This year Storage Expo will tackle the key issues facing data storage and information management professionals head on with its revamped education and seminar program. It offers businesses access to some of the best advice in the industry for free, with its fantastic line-up of over 65 keynote speakers and industry experts and a total of 114 seminar sessions over 2 days. We expect there to be a plethora of new technology announced at Storage Expo this year and many of the exhibitors are keeping their product launches under wraps until the first day of the event. However, here are a few examples of what exhibitors can expect to see at the show.”

Hewlett-Packard’s highlight of Storage Expo 2009 will be the new Extreme Data Storage (ExDS) solution, which can scale up to petabytes of data. HP will feature its industry-leading portfolio of virtualised storage products and services and also hold real-world demos of backup, disaster recovery and virtualisation solutions.

Double-Take Software will be showcasing two new products, Double-Take Availability and Double-Take Backup, at Storage Expo. These new solutions complete Double-Take Software’s Workload Optimisation suite of products, providing businesses with real-time backup as well as improved protection for business data and applications. Double-Take Backup provides real-time replication of data to continuously protect workloads. It is aimed at organisations that want to centralise and consolidate their backup strategies, allowing them to get workloads up and running rapidly by recovering them to new physical hardware or into a new virtual machine with minimal effort. Double-Take Availability is an updated version of Double-Take Software’s market-leading business continuity product. It adds new application-aware monitoring capabilities, enhances protection of Microsoft SQL environments and introduces a new way of re-synchronising protected data, dramatically reducing re-synchronisation times compared to competing solutions.

Origin Storage will be launching the 1 terabyte version of Data Locker, a portable secure drive, at Storage Expo. Data Locker mounts as a drive for the operating system only when the correct PIN has been entered on the LCD keypad. You can also use the LCD screen to change the Data Locker PIN, dismount the drive, toggle the encryption on or off, or wipe the drive clean. The Data Locker will allow you to store and protect all of your highly sensitive data and personal files. It is available in five different capacities, 160GB, 320GB, 500GB and the latest editions of 750GB and 1 Terabyte, and will be a vital piece of equipment for local governments and businesses alike.

This year’s Storage Expo will see the launch of Pillar’s ‘Stop Storage Waste Campaign’, which will be focusing on how organisations can maximise their storage infrastructure and stop the chronic underutilisation that is currently evident in so many storage environments. This falls in line with Pillar’s application-aware storage systems that differentiate services by priority, allowing users to match applications to appropriate service levels within a single storage platform, delivering higher utilisation rates and lowering operational costs.

To support the overall campaign, Pillar will be discussing its new 2TB SATA Drives for Enterprise Customers. Pillar is the first network storage company to make 2 terabyte SATA drives available to the enterprise market, as part of its award-winning Pillar Axiom storage system. The new drives push the Axiom’s overall usable capacity to over 1.6 petabytes per system, while driving down overall power consumption by 50 percent and space consumption by 2X. Furthermore, Pillar will be discussing how through its innovative use of Solid State Drives (SSD) in its Axiom storage system, it can deliver the single best $/IOP in the storage market today. Pillar will also be updating the market on how it can drive down the $/IOP of SSDs to half that of traditional Fibre Channel drives and how these new SSD Bricks will reduce overall power consumption by up to 85 percent.

Hitachi Data Systems is showcasing its entire product portfolio on stand 350 at Storage Expo 2009. With live demonstrations of its product and service offerings, Hitachi Data Systems’ representatives will be on hand to show customers how they can better manage their storage arrays, drive business value from their data and achieve operational and capital expenditure savings. In these tough times, customers are looking to utilise their existing assets rather than make new investments in IT hardware. Hitachi Data Systems will be showing visitors how this can be achieved without compromising on high performance.

CA will focus on three key customer issues:

  • Reducing risk and cost with a turnkey business continuity & disaster recovery managed service - CA Instant Recovery on Demand
  • Simplifying licensing - CA Managed Capacity Licensing
  • Enterprise-class data protection at an affordable price - ARCserve & Xosoft

Through two key presentations in the seminar programme, Eric Pitcher (VP of Global Product Management) and Tim Goodwin (Senior Director for Channel Sales) will outline how CA is helping customers to address these issues. Demonstrations and presentations of the latest releases of ARCserve and Xosoft, along with CA’s Cloud computing offering, can also be seen on the CA stand and in the Cloud Zone.

For more on Storage Expo: http://www.storage-expo.com

Storage Expo from 14th – 15th October, Olympia, London, is the UK’s definitive event for data storage, information and content management and provides visitors with the opportunity to compare the most comprehensive range of solutions and services from all the leading suppliers. The unrivalled education programme will also enable you to learn how to address today’s key issues with expert advice from a wide range of industry experts and peers.

With the sheer rate of data growth, organisations increasingly have to look at not only how they store data, but also how they manage and protect all kinds of information, from its creation, through to archiving and final destruction. Visiting Storage Expo will help you discover the most effective tools and methods to meet your storage, information and content management needs.


Cybercriminals set to ride Google's Wave

Cybercriminals set to ride Google's Wave says Imperva

(Eskenzi PR) As interest in Google's Wave technology - the online giant's successor to old-fashioned email - peaks, so hackers and scammers will inevitably ride the coat tails of Wave Web searches and attempt to divert Internet users to malicious and infected sites, says Imperva, the data security specialist.

"Reports are already coming in of criminal hackers poisoning Google search results and you can expect similar scams to be pulled by hackers intent on routing Internet users to infected Web sites," said Amichai Shulman, Imperva's chief technology officer.

"This will almost certainly be achieved by hacking into large numbers of Web servers and injecting malware references into the system. The process will be automated using botnets, which will target SQL injection vulnerabilities in Web applications," he added.

According to Shulman, the irony of this type of attack is that, in order to work out which servers to target, the hackers will probably use Google to search them out.

The second stage of the attack methodology, he explained, is to promote pages infected with malware by hacking into Web applications - which are mostly PHP-driven - and creating a revised index that includes links to the malware-infested pages.

The problem facing the Internet industry, he explained, is that, although companies tend to dismiss the chance of their applications being hacked due to a lack of public interest, this is not going to be the case with Google Wave search infections.

"Contemporary hacking campaigns are highly sophisticated and are engineered to select popular search terms on Google, and infect every possible related vulnerable target," he said.

"The net result of this is that, although Google itself is relatively impervious to hacking attacks, the weaknesses of ancillary Web search result supporting technologies makes it possible to subvert user clickthroughs to land on infected pages," he added.

For more on Google Wave interest hacking: http://tinyurl.com/ye5fmng

For more on Imperva: http://www.imperva.com

BESA releases ‘ICT in UK State Schools’ research

Desire for more ICT in schools, yet spending declines

The British Educational Suppliers Association (BESA) has released its annual research into the opinions and trends of ‘ICT in UK State Schools’. The highly anticipated research provides analysis into the likely provision of technology in UK state schools in the next year and gives extensive insight into teacher confidence, training and the level of ICT in schools.

BESA’s research is based on a survey of ICT co-ordinators and heads of IT from 770 primary and 572 secondary schools from across the UK, conducted in June 2009. Although the research comes at a time of economic recession and frequent policy and curriculum changes, the results for 2009 indicate a positive approach by educators for purchasing and using ICT, although a reduction in investment in ICT by schools is forecast.

Ray Barker, director of BESA explains: “The BESA ICT in UK State Schools research indicates that after year-on-year increases in ICT budgets since 2001, we are now naturally experiencing a reduction in estimated ICT allocations from school budgets. This is not surprising as schools are under many financial pressures. Education funding has not been reduced and schools know that they have necessary funds; however during uncertain times, and with pressures to change upon them, schools appear to be treating ICT budgets with caution.”

Ray Barker continues: “Many schools indicate they still feel under-equipped in vital ICT equipment, such as laptop computers and internet access for pupils. This is because they are now wanting to use such resources more as ICT becomes more ‘embedded’ within the curriculum. In fact, the figures show that there have never been so many computers and interactive whiteboards in UK classrooms. This is in part due to the efficient procurement of resources by many schools as well as a drop in prices of individual units. They may be spending less, but they can get more for their money.”

ICT budgets

The research shows that primary school ICT budgets are estimated to decrease by 2.2 per cent in 2009-10, while secondary school budgets indicate a reduction of 1 per cent, excluding budgets on curriculum software and digital content. This will result in UK-wide budget allocations declining by £9.8 million.

A typical primary school ICT budget is anticipated to be £13,380 in 2010-11, while secondary budgets are set to decrease to £62,970. This represents declines of 4.4 per cent and 2.7 per cent respectively. ICT allocations from school budgets are estimated to be around £556 million in 2010-11 – again excluding curriculum software and digital content.

Ray Barker comments: “Ring-fenced funding for ICT has now ended and schools are making their own purchasing decisions. They will be spending their funds wisely in the light of their own school development needs. This will be reflected at BETT this year. This show has grown because educators believe that ICT can make a difference and they need to be brought up-to-date with what is ‘out there’. This year will be no different with expected numbers reaching over 30,000. We don’t want schools to be saving their money ‘just in case’. The funding is available and needs to be spent on the life-chances of young people. If we are to become a competitive economy then education – and technology – will be key.”

Teacher confidence and training

Ray Barker adds: “Another issue the BESA research identified was the reduction of teacher confidence in using ICT. There was a 10 per cent drop in confidence and competence using ICT in the curriculum from 2007 in primary schools, and an eight per cent reduction in secondary schools.”

The research also found that 59 per cent of primary teachers will receive ICT training in 2009, compared to 67 per cent who expected training in 2008. 55 per cent of secondary teachers will receive training in 2009, compared to 72 per cent in 2007.

Ray Barker comments: “Whether the reduction in teacher training has led to a lack of teacher confidence in using ICT, or if it is the result of a greater variety of ICT being used in today’s classrooms is debatable. Teachers are using technology more so will be finding themselves lacking in confidence in many areas, such as the use of learning platforms, as Government pushes them to meet exacting targets. This is why BESA supports the educational technology show BETT, where educators can continue their professional development while testing out the latest in ICT resources with practical advice from their peers.”

Computer levels

On a positive note, BESA’s ICT in UK State Schools research found that, on average, primary schools offer one computer per 6.9 pupils (7.4 pupils per computer in 2005). The same trend was found in secondary schools, with a reduction in the number of children sharing a computer (down from 5.5 in 2005 to 4.2 pupils per computer). Overall, there are anticipated to be 2.5 million computers in schools during 2010. ICT leaders consider there to be a need for 3.2 million computers to fully implement ICT development plans, a figure which has doubled since 2003.

The ‘BESA ICT in UK State Schools’ publication is free to BESA members, or can be purchased directly from BESA by non-members (Ph: +44 (0) 20 7537 4997). A summary of the study findings is available free on the BESA website, please visit www.besa.org.uk. BESA publish several annual research papers, including ‘Resources in English Schools’.

BESA, the British Educational Suppliers Association, is the trade association representing over 300 educational suppliers in the UK, including manufacturers and distributors of equipment, materials, books, consumables, furniture, technology, ICT hardware and digital-content related services to the education market.

With 75 years of experience, BESA offers unparalleled support, research, events and advice on both UK and International markets, and the future of the education supplies industry. BESA is focused on promoting and providing support and advice to their members, the industry and to schools.

BESA has a Code of Practice to which all members must adhere, along with a stringent membership process, both of which assure buyers of a high standard of quality in both product and customer service.

For more information, please visit www.besa.org.uk

Brand identities online can now be protected with new product

Unique service launched to protect brand identities online

by Michael Smith (Veshengro)

Woking, UK – First Cyber Security (FCS) announces the availability of its unique SOLID 3PV(TM) service (Secure OnLine IDentification third party verification). The technology, originally showcased at the IP risk and management forum in June, is now available.

SOLID 3PV (TM) is a unique technology which allows website visitors to authenticate logos, pictures or references to particular companies or brands. Simply by hovering the cursor over such entities a window appears showing the logo of the brand owner. The appearance of the window and brand owners’ logo are confirmation that the brand owner has given permission for the reference to be used.

To avoid fraud the window moves across the screen, out of the browser and merges with First Cyber Security’s SOLID Authentication window, the leading consumer orientated, website verification technology.

“We are delighted with the interest created from the showcase of our SOLID 3PV(TM) technology. Premium brands are looking at it to reduce sales of counterfeit goods and certification markets are using it for consumers to verify continued eligibility to their approval schemes,” said Rod Pugh, MD First Cyber Security. “The recent announcement by the OFT’s ‘Just Tick It’ campaign concerning online ticket sale scams proves this technology is needed to ensure the consumer knows which websites are authorised by the promoters to sell tickets online. Every year many people are duped into buying tickets from unapproved websites, which not only results in them losing money, but also in not being able to attend the event for which the tickets had been purchased.”

“Brand owners lose millions of pounds every year to websites which sell counterfeit or stolen goods. Technology which gives them the ability to clearly indicate to consumers those sites which are permitted to sell genuine products clearly provides value to brand owners and consumers alike,” commented Andrew McClelland, Director of Business Development at IMRG, the e-retail trade association. “This technology can also show consumers using e-retail sites whether certification marques, such as security and approved buyer schemes, are being used correctly by website owners. Additionally, should any website fail to continue to meet the requirements of such approvals, the marques’ owners have the ability to remove this verification, giving them total control over how their branding is used.”

First Cyber Security is a UK-based company with patent-pending technology in the area of authentication of IP communication. Its foundation product, SOLID Authentication (Secure OnLine IDentification), allows users to positively validate websites and protects them against fraudulent ones, significantly quicker than existing mechanisms for protecting against fraud. Banks, retail and government organizations can subscribe to the service and give their consumers robust protection against fraud at no cost to the consumer. The SOLID 3PV(TM) service protects brands against illegal use of their logos and trademarks, reducing sales of counterfeit products and protecting their brand.

IMRG is a membership community for the e-retail industry, whose vision is to maximise the commercial potential of online shopping.

With more than 18 years’ experience in a rapidly-changing e-commerce market where sales continue to grow year on year, we help members maximize the business opportunities, and stay up to date with developments in the e-retail marketplace.

IMRG membership comprises hundreds of retail organizations, and enterprises that supply technology and services to facilitate e-retail solutions.

The organization's activities span the e-retail spectrum – from online, telephone and mobile commerce, to digital TV.

Services like that, hopefully, will make online shopping a safer environment and a better experience for the many people who, I must say myself included, are still rather concerned as to the security of online shopping, online banking and the like.

Personally, despite a strong password, I had my Nectar Points account messed with, in that someone had changed the address associated with it. Other people that I know have had things like that happen to other kinds of accounts, and in all such instances it would appear that people actually working for the companies concerned passed on information to criminals.

The insider threat has to be eliminated also: the threat of employees of the companies that operate the sites being able to obtain passwords and such, and then make use of those or sell them to criminal elements.

All web security will not make one iota of a difference there.

© 2009


Lingerie and IT – what’s the connection?

I’ve just come back from a seminar organized by an IT security integrator which was held right next door to a lingerie exhibition. Ours was quite full, but theirs had people queuing out the door to get in. I was amazed at the number of men that had registered for the sessions, and I have to admit that the folks giving the demos were certainly more pleasing to the eye than the bunch of IT chaps that I had to sit and listen to!

And then I’m thinking – IT Security used to be “sexy”, what’s happened?

So we’re into a presentation and demo of automatic policy generation for firewalls and I’m thinking “I wish I was next door” but then I’m slowly being seduced by what I’m seeing. Maybe it’s an age thing but I found myself thinking less about the demos next door and started to be drawn into a description about how the firewall administrator was able in a few minutes to carry out forensics on their firewalls. I was getting excited about this, rather than dreaming about the lingerie exhibition next door. What has happened to me in my middle years?

Suddenly, instead of spending weeks or months poring over firewall logs to find out what was going on, he was talking about how they could spot unknown mail servers in the organization, outbound access through non-standard ports, who was accessing which HTTPS and HTTP servers on the internet, and even access to non-corporate mail servers!

Firewall policy management is normally an organizational nightmare. Imagine that an organization with ten to fifteen firewalls could spend anything up to six months trying to get to the bottom of what is going on. Even then, I am reliably informed by one organization that it tried for six months and hired expensive firewall specialists to do it, only to end up with very poor results.

Now imagine achieving the same results in a matter of minutes. So how do they do it? Well, apparently it is something called “Permissive Rule Analysis” technology. This breaks down very general rules until they accurately and exclusively represent the actual traffic. Now I can’t see it being plastered on billboards to keep bored male commuters smiling on the way home, and you’re not going to buy it for your favourite lady as a Christmas present, but it definitely got my pulse rushing.

Now automatic firewall policy generation doesn’t look like a “sexy” part of IT. It’s not like you have this amazing GUI, or some brightly coloured box that you can stick in your IT rack and invite your management to come and gaze fondly at their latest expensive gadget. This, like so many other great developments in IT security, is amazing because of what it does in the background. At the seminar the question was asked, “Why would you consider not changing your firewall vendor?” and the universal response was, “We can’t convert our rule bases”.

As every security professional knows, installing a firewall is easier said than done. Creating an accurate firewall policy requires administrators to painstakingly go through a tedious, labor-intensive and inefficient log inspection process to try to identify legitimate business traffic and then create a rule set that will meet both security and business objectives. Given the complexity of network traffic today, this approach is never complete, and the only other alternative is deployment of an overly permissive, and ultimately ineffective, firewall policy that doesn’t actually do anything useful.

Well folks, “Permissive Rule Analysis” technology has just broken down one of the biggest barriers for users who want to change, and provides auditors and security officers with the ability to quickly and accurately analyze who is doing what. Suddenly the employee who spends all day browsing websites is exposed; the contractor who is sending emails to an unknown email server is identified. Every breach of policy relating to inbound/outbound traffic is identified. Administrators can remove Any/All parameters from rules and ensure that only essential services and destinations are accessible.
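As an added illustration of the idea described above (this is not Tufin's code and says nothing about how its product is built), here is the core of permissive rule analysis in Python: a rule such as ANY -> ANY : ANY is split into the narrowest rules that still cover exactly the flows the firewall accepted under it, and the same flows are checked for the breaches the post mentions (unknown mail servers, outbound access on non-standard ports). The log format, addresses, sanctioned mail relay and "standard" port list are constructed assumptions.

```python
"""Permissive rule analysis, reduced to its core idea (added example, not Tufin's code).

A rule such as ANY -> ANY : ANY is replaced by the narrowest rule set that
still covers exactly the flows the firewall actually accepted under it, and
the same flows are scanned for unknown mail servers and non-standard ports.
Log format, addresses, mail relay and "standard" port list are constructed.
"""
import re
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed accept/drop log sample; rule 1 is the permissive ANY/ANY rule.
SAMPLE_LOG = """\
2009-10-12T09:01:02 action=accept src=10.1.1.5 dst=203.0.113.10 proto=tcp dport=443 rule=1
2009-10-12T09:01:09 action=accept src=10.1.1.7 dst=203.0.113.10 proto=tcp dport=443 rule=1
2009-10-12T09:02:11 action=accept src=10.1.1.5 dst=203.0.113.22 proto=tcp dport=80 rule=1
2009-10-12T09:03:45 action=accept src=10.1.2.9 dst=10.1.0.25 proto=tcp dport=25 rule=1
2009-10-12T09:04:01 action=accept src=10.1.2.9 dst=198.51.100.77 proto=tcp dport=25 rule=1
2009-10-12T09:05:30 action=accept src=10.1.1.12 dst=198.51.100.9 proto=tcp dport=8443 rule=1
2009-10-12T09:06:00 action=drop src=10.1.3.3 dst=203.0.113.10 proto=tcp dport=23 rule=99
"""
LOG_RE = re.compile(r"action=(?P<action>\w+) src=(?P<src>\S+) dst=(?P<dst>\S+) "
                    r"proto=(?P<proto>\w+) dport=(?P<dport>\d+) rule=(?P<rule>\d+)")

INTERNAL = ip_network("10.0.0.0/8")          # assumed corporate address space
KNOWN_MAIL_SERVERS = {"10.1.0.25"}           # assumed: the only sanctioned relay
STANDARD_PORTS = {("tcp", 80), ("tcp", 443), ("tcp", 25), ("udp", 53)}


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str
    dport: int


@dataclass(frozen=True)
class Rule:
    src: tuple        # sorted source addresses, or ("any",)
    dst: tuple        # sorted destination addresses, or ("any",)
    services: tuple   # sorted (proto, port) pairs, or ("any",)
    action: str = "accept"


PERMISSIVE = Rule(src=("any",), dst=("any",), services=("any",))  # rule 1 above


def parse_log(text, rule_id="1"):
    """Return the accepted flows the firewall attributed to the given rule id."""
    flows = []
    for line in text.splitlines():
        m = LOG_RE.search(line)
        if m and m.group("action") == "accept" and m.group("rule") == rule_id:
            flows.append(Flow(m.group("src"), m.group("dst"),
                              m.group("proto"), int(m.group("dport"))))
    return flows


def matches(rule, flow):
    """True when the rule would match the flow ("any" wildcards any field)."""
    return (("any" in rule.src or flow.src in rule.src)
            and ("any" in rule.dst or flow.dst in rule.dst)
            and ("any" in rule.services or (flow.proto, flow.dport) in rule.services))


def refine(rule, flows):
    """Split one permissive rule into rules that cover exactly the observed flows.

    Flows are grouped by destination and service; each group becomes a rule whose
    source list holds only the hosts actually seen using that destination/service.
    """
    groups = defaultdict(set)
    for f in flows:
        if matches(rule, f):
            groups[(f.dst, f.proto, f.dport)].add(f.src)
    return [Rule(src=tuple(sorted(srcs)), dst=(dst,), services=((proto, dport),),
                 action=rule.action)
            for (dst, proto, dport), srcs in sorted(groups.items())]


def exact_fit(rules, flows):
    """Every flow is still allowed, and every rule is justified by real traffic."""
    all_flows_covered = all(any(matches(r, f) for r in rules) for f in flows)
    all_rules_used = all(any(matches(r, f) for f in flows) for r in rules)
    return all_flows_covered and all_rules_used


def find_violations(flows):
    """Flag mail traffic to unknown servers and outbound use of non-standard ports."""
    findings = []
    for f in flows:
        outbound = ip_address(f.src) in INTERNAL and ip_address(f.dst) not in INTERNAL
        if f.dport == 25 and f.dst not in KNOWN_MAIL_SERVERS:
            findings.append(("unknown-mail-server", f))
        if outbound and (f.proto, f.dport) not in STANDARD_PORTS:
            findings.append(("non-standard-port", f))
    return findings


if __name__ == "__main__":
    observed = parse_log(SAMPLE_LOG)
    for r in refine(PERMISSIVE, observed):
        proto, port = r.services[0]
        print(f"{r.action}: {', '.join(r.src)} -> {r.dst[0]} : {proto}/{port}")
    for kind, f in find_violations(observed):
        print(f"{kind}: {f.src} -> {f.dst}:{f.dport}")
```

The refined set keeps every flow the permissive rule was actually carrying, so it can replace that rule without breaking business traffic, while the two findings are exactly the kind of policy breach the seminar described.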

You know what – IT Security is still “sexy” although it still has some way to go to compete with next door’s “GUI”.

Calum Macleod, Regional Manager, Tufin Technologies


Disaster Recovery set to be a hot topic for 95% of organisations

London (Storage Expo PR) - Storage Expo is coming in mid-October and research conducted by the organisers reveals that virtualised technology is going to be high on the agenda of many attendees.

A pre-exposition study of more than 400 IT professionals revealed that 95% of organisations have migrated (28%) - or are planning to migrate in the next 12 months (67%) - to a virtualised IT environment as a means of improving their disaster recovery options.

And the same percentage (95%) said that storage area networks already form (30%) - or will form in the next 12 months (65%) - part of their virtualised infrastructure.

One of the planned keynote speakers at the storage exposition and conference, John Abbott, founder and chief analyst with The 451 Group, said that the most significant change that virtualisation brings to the mix is the isolation of workloads from the underlying hardware.

This translates, he says, to enhanced flexibility and the removal of the need to implement and maintain a single, uniform platform, resulting in significantly reduced costs, due to lower redundancy and higher utilisation.

According to Mr Abbott, whilst the added complexity at the planning stage of virtualisation can act as a barrier to new business, "once users gain more confidence in the emerging set of new tools, then sales will accelerate. When properly implemented, virtual infrastructures can form the basis of automated backup, retention, business-continuance and disaster-recovery processes."

Careful planning, however, he said, is required to achieve the best value for money.

"For instance, many secondary applications could get by with the 'good enough' capabilities of VMware High Availability," he explained.

Virtualisation predictions

Mr Abbott makes the interesting prediction that - over the next 12 to 18 months - the virtualisation market will change.

Current vendors, he said, must adapt to these changes. Fortunately, he says, most of them have already moved beyond a focus on local high availability toward remote availability and disaster recovery.

"Although VMware is still the dominant player by far, it's a certainty that Microsoft, Citrix and Red Hat will gain significant market traction," he explained.

It's against this backdrop that Mr Abbott said that cloud-based disaster recovery services represent an opportunity for vendors.

It is, however, he said, unlikely this type of business will go to the consumer-oriented cloud services such as Amazon and Google.

"Traditional hosting vendors like SunGard are already moving in, targeting small businesses that are virtualising their primary sites but haven't had the resources to set up their own remote disaster-recovery site," he explained.

Mr Abbott will be joined by three other industry professionals - Roger Bearpark, assistant head of IT with the London Borough of Hillingdon; Neil Edmonds, systems specialist with The Salvation Army; and David Weston, IT infrastructure manager with the Oxford University Press - to give a keynote on disaster recovery.

Entitled 'Break Point: Disaster Recovery & The New Availability', the must-attend keynote will look at how IT systems can be made more resilient and less prone to failure.

Storage Expo, which takes place at London's Olympia on October 14/15, seeks to answer many of the virtualisation and disaster recovery questions that hard-pressed IT managers are asking.

With two days of stimulating and thought provoking seminars that reflect the needs of today’s data storage professionals and information management experts, Storage Expo 2009 gives you the chance to improve and update your storage and information management strategies.

Sessions that focus on Virtualisation, Disaster Recovery or SANs include:

  • SAN Optimisation Best Practices: Seeing Through The Clouds Of Virtualization - Mike Royle, IT Director, Enterprise Services, Unilever – Speaking on behalf of Virtual Instruments
  • The Dangers Lurking In A Virtual Environment - Kevin Moreau, General Manager (UK & Ireland), Acronis
  • Online Business Continuity - It's About Recovery NOT Just Backup - Steve Evans, Operations Director, Smartways Technology Limited

Storage Expo held from 14th – 15th October, Olympia, London, is the UK’s definitive event for data storage, information and content management and provides visitors with the opportunity to compare the most comprehensive range of solutions and services from all the leading suppliers. The unrivalled education programme will also enable you to learn how to address today’s key issues with expert advice from a wide range of industry experts and peers.

With the sheer rate of data growth, organisations increasingly have to look at not only how they store data, but also how they manage and protect all kinds of information, from its creation, through to archiving and final destruction. Visiting Storage Expo will help you discover the most effective tools and methods to meet your storage, information and content management needs.

For further information, please visit www.storage-expo.com


Cyber-Ark Powers Flexible, Reliable Governed File Transfer with New Inter-Business Vault Capabilities

Enhancements Enable Business Processes and Underlying Technology to Ensure the Secure, Efficient and Reliable Exchange of Valuable Business Information

London (Eskenzi PR) – Cyber-Ark, the leading global software provider for protecting critical applications, identities and sensitive information, today announced enhancements to its Inter-Business Vault®, which delivers the combined benefits of governed and managed file transfer capabilities in one centralized, highly secure platform. The new features allow organisations the flexibility to migrate from legacy technologies in order to support more efficient business processes without requiring changes to partners’ existing practices or IT infrastructure.

New features of Cyber-Ark’s Inter-Business Vault (IBV) v5.5 encourage the adoption of more modern, efficient file transfer processes. Additionally, IBV will provide organisations with the flexibility required to easily add new partners and deliver innovative business services to customers with unprecedented short time-to-market. Benefits include ease-of-integration with existing enterprise infrastructure and legacy systems, which reduces operational costs and minimizes IT overhead.

“Cyber-Ark's combined governed and managed file transfer capabilities enable organisations to transform and streamline critical business processes and services with customers and partners while providing full control over data exchange processes,” said Roy Adar, vice president of product management, Cyber-Ark Software. “With the new enhancements to our Inter-Business Vault, organisations can easily upgrade their file transfer technology platform to automate and significantly increase the efficiency of business processes, while still maintaining the ability to exchange documents with their business partners that are using legacy systems.”

Cyber-Ark’s Inter-Business Vault v5.5 includes the following comprehensive enhancements:

Automated DCA workflows with remote FTP and SFTP servers: By supporting Distribution Collection Agent (DCA) workflow automation to legacy third-party FTP and SFTP servers, the Inter-Business Vault enables organisations to centrally support partners that use these servers.

"My Transfer Manager" – Personal, clientless file-transfer manager: This secure file exchange enhancement features a web-based interface that significantly improves the user-experience during manual file-transfer operations, especially for large file transfers. In addition, if the network connectivity is interrupted while downloading a larger file, the “My Transfer Manager” feature enables users to easily resume downloading from where they left off instead of restarting the entire download process.

SFTP Protocol Support in “FTP / SFTP Connector”: This enhancement provides organisations with the ability to support and seamlessly integrate with partners’ legacy processes. Specifically, it enhances the Inter-Business Vault’s support for standard SFTP based scripts or clients used by partners for file-transfers globally.

SFE / DCA Integration and Enhancements: This feature enables organisations to define customers’ specific needs and easily customize and generate new services, in order to meet increasing file transfer volumes and demand. Secure file transfer enhancements also enable the creation of a “remote server endpoint” to support automated DCA processes working with remote FTP and SFTP servers, and provide end-users with the ability to move files and folders in a single operation. In addition, SFE enhancements include support for LDAP authentication and provide DCA performance improvements, especially for high-volume process and file transfer concurrency.

Pricing and Availability

The Cyber-Ark Inter-Business Vault v5.5 is available now, and is a core component of Cyber-Ark’s Governed File Transfer Suite. For more information about pricing, please contact sales@cyber-ark.com or call +1 (888) 808-9005 (domestic U.S.) or +1 (617) 965-1544 (international).

Cyber-Ark® Software is a global information security company that specializes in protecting highly-sensitive enterprise data, restricted user and application accounts to improve compliance, productivity and protect organizations against insider threats. With its award-winning Privileged Identity Management (PIM) and Highly-Sensitive Information Management software, organizations can more effectively manage and govern application access while demonstrating returns on security investments. Cyber-Ark works with 600 global customers, including more than 35 percent of the Fortune 50. Headquartered in Newton, Mass., Cyber-Ark has offices and authorized partners in North America, Europe and Asia Pacific. For more information, visit www.cyber-ark.com.

Cybercriminals use Trojans and Money Mules to Loot Online Bank Accounts

In its latest Cybercrime Intelligence Report, Finjan shows how cybercrooks used a combination of Trojans and money mules to successfully avoid anti-fraud systems to steal Euro 300,000 in 22 days

San Jose, CA, USA (Eskenzi PR) – Finjan Inc., a leader in secure web gateway products and the provider of a unified web security solution for the enterprise market, today unveiled new research from its Malicious Code Research Center (MCRC), which uncovered new techniques used by cybercriminals to rob online bank accounts.

Finjan sees the techniques described in this report as the start of a new trend that is expected to grow. These techniques add functionality aimed to minimize detection by traditional anti-fraud technologies in use by banks. More than a year ago Finjan identified the Zeus bank Trojan which today has become one of the most popular Trojans used by cybercriminals to steal money from banks’ customers worldwide.

In its Cybercrime Intelligence Report, Finjan’s Malicious Code Research Center (MCRC) shows how a cybergang used a combination of Trojans and money mules to rake in hundreds of thousands of Euros and to minimize detection by the anti-fraud systems used by banks.

The cybercriminals used compromised legitimate websites as well as fake websites, utilizing the crimeware toolkit LuckySpoilt to infect visitors. After infection a bank Trojan was installed on the victims’ machines and started communication with its Command & Control (C&C) server for instructions. These instructions included the amount to be stolen from specific bank accounts and to which money mule accounts the stolen money should be transferred. Furthermore, the Trojan forged onscreen bank statements concealing the true transaction amount to dupe the account holders and their banks.

The cybercrime intelligence report covers the following:

  • Cybercriminals use sophisticated crimeware tools to steal money online and avoid detection
  • They use compromised legitimate websites as well as fake ones to infect visitors with their crime toolkit
  • Once infected, the Trojan gets instructions from its Command & Control center to rob bank accounts
  • Instructions include criteria for the amount that should be stolen from an individual account
  • This method is a highly effective tool for evading the banks' anti-fraud detection, an “anti anti-fraud” technique
  • Once the money is stolen, the Trojan creates a forged bank statement to hide the theft
  • The stolen money is transferred to a money mule account and then forwarded to the cybercrooks to prevent any direct money trail
  • The cybergang was able to steal Euro 300,000 in 22 days

“As reported previously by Finjan, cybercriminals continue to follow the money, with bank accounts steadily remaining a favourite among their targets. To avoid detection, cybercriminals continue to improve their methodologies for stealing money and going under the radar from the victims and banks alike. With the combination of using sophisticated Trojans for the theft and money mules to transfer stolen money to their accounts, they minimize their chances of being detected,” said Yuval Ben-Itzhak, CTO of Finjan. “In this case, the specific criteria that the Trojan received from its Command & Control center mark a whole new level of cybercrime sophistication in the techniques used by cybercriminals. Using these methods they successfully evade anti-fraud systems that banks deploy – we dubbed it the Anti anti-fraud.”

The report shows in detail how this cybergang worked and provides recommendations how individuals and banks can protect themselves.

To download the report, please go to www.finjan.com/cybercrime_intelligence

Money mule accounts are legitimate bank accounts owned by legitimate bank users. Cybercriminals recruit ‘mules’ by falsely telling them they are working for a legitimate business. These account owners or “mules” are normally unaware that they are “muling” stolen money, and believe they are being paid for “working from home” or similar moneymaking schemes. To avoid triggering the bank's anti-fraud systems, each money mule account is used only a limited number of times within a given timeframe. Since banks monitor large transfers, the amount deposited into a mule account is predefined so that each transfer stays under the radar.
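The pattern described above (several sub-threshold deposits into one account within a short period, followed by the funds moving on) is something a bank's own transaction monitoring can look for. The following is an added illustration written for this page, not code or data from the Finjan report: it scores beneficiary accounts on a constructed ledger for sub-threshold structuring and then checks whether the money passes straight through. The review threshold, window, account names and amounts are all invented assumptions.

```python
"""
Added example (constructed illustration, not Finjan's report data): flag
beneficiary accounts receiving several individually small deposits from
distinct senders in a short window, then check whether the funds pass through.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Transfer:
    when: datetime
    src: str
    dst: str
    amount: float  # EUR


def _t(s):
    return datetime.strptime(s, "%Y-%m-%d %H:%M")


# Constructed sample ledger. Account names and amounts are invented.
TRANSFERS = [
    Transfer(_t("2009-09-01 09:10"), "CUST-0481", "MULE-01", 2900.0),
    Transfer(_t("2009-09-02 14:02"), "CUST-0930", "MULE-01", 3100.0),
    Transfer(_t("2009-09-03 11:45"), "CUST-1177", "MULE-01", 2800.0),
    Transfer(_t("2009-09-04 08:30"), "MULE-01", "EXCH-OVERSEAS", 8500.0),
    Transfer(_t("2009-09-01 10:00"), "EMPLOYER-LTD", "PAYROLL-07", 4000.0),
    Transfer(_t("2009-09-01 12:00"), "CUST-2001", "WEBSHOP", 50.0),
    Transfer(_t("2009-09-01 12:05"), "CUST-2002", "WEBSHOP", 50.0),
    Transfer(_t("2009-09-01 12:09"), "CUST-2003", "WEBSHOP", 50.0),
    Transfer(_t("2009-09-02 12:09"), "CUST-2004", "WEBSHOP", 50.0),
]

# Assumptions for the illustration: a single transfer at or above
# REVIEW_THRESHOLD is already reviewed by the bank, so the interesting case is
# a set of smaller transfers that together approach it.
REVIEW_THRESHOLD = 10_000.0
WINDOW = timedelta(days=7)


def flag_structured_beneficiaries(transfers, threshold=REVIEW_THRESHOLD,
                                  window=WINDOW, min_senders=3, fraction=0.5):
    """Return {beneficiary: (distinct_senders, total)} for accounts that, within
    `window`, received transfers from at least `min_senders` distinct senders,
    each individually below `threshold`, with a combined total of at least
    fraction * threshold."""
    inbound = defaultdict(list)
    for tr in transfers:
        if tr.amount < threshold:          # only sub-threshold transfers count
            inbound[tr.dst].append(tr)
    flagged = {}
    for dst, trs in inbound.items():
        trs.sort(key=lambda t: t.when)
        for i, first in enumerate(trs):    # sliding window anchored on each deposit
            in_window = [t for t in trs[i:] if t.when - first.when <= window]
            senders = {t.src for t in in_window}
            total = sum(t.amount for t in in_window)
            if len(senders) >= min_senders and total >= fraction * threshold:
                flagged[dst] = (len(senders), total)
                break
    return flagged


def flag_pass_through(transfers, flagged, max_hold=timedelta(hours=48), min_share=0.8):
    """For each flagged beneficiary, report an outbound transfer made within
    `max_hold` of its last inbound transfer that moves at least `min_share`
    of the inbound total onward: funds that merely pass through the account.
    Returns {beneficiary: onward_destination}."""
    result = {}
    for acct, (_, total) in flagged.items():
        last_in = max(t.when for t in transfers if t.dst == acct)
        for tr in transfers:
            if (tr.src == acct and timedelta(0) <= tr.when - last_in <= max_hold
                    and tr.amount >= min_share * total):
                result[acct] = tr.dst
    return result


if __name__ == "__main__":
    hits = flag_structured_beneficiaries(TRANSFERS)
    print("structured deposits:", hits)
    print("pass-through:", flag_pass_through(TRANSFERS, hits))
```

The two checks are deliberately separate: the first catches the deposit pattern the page describes (a limited number of predefined sub-threshold amounts from unrelated payers), while the second, a quick onward transfer of nearly the whole balance, distinguishes a mule account from, say, a small web shop that also receives many small payments from many customers but keeps the money.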

Finjan MCRC specializes in the detection, analysis and research of web threats, including Crimeware, Web 2.0 attacks, Trojans and other forms of malware. Our goal is to be steps ahead of hackers and cybercriminals, who are attempting to exploit flaws in computer platforms and applications for their profit. In order to protect our customers from the next Crimeware wave and emerging malware and attack vectors, Finjan MCRC is a driving force behind the development of Finjan's next generation of security technologies used in our unified Secure Web Gateway solutions.

Secure Gateway provides organizations with a unified web security solution combining productivity, liability and bandwidth control via URL categorization, content caching and applications control technologies. Crimeware, malware and data leakage are proactively prevented via patented active real-time content inspection technologies and optional anti-virus modules. Powerful central management enables intuitive task-based policy management, excellent drill-down reporting capabilities and easy directory integration for all network implementation options. By integrating several security engines in a single dedicated appliance, Finjan’s comprehensive and integrated web security solution enables quick deployment, simplified management and reduction of costs. Business benefits include real-time web security (no patches or updates needed), lower total cost of ownership (TCO), cost savings in administration efforts, lower maintenance costs, and reduction in loss of productivity. Finjan's security solutions have received industry awards and recognition from leading analyst houses and publications, including Gartner, IDC, Butler Group, SC Magazine, eWEEK, CRN, ITPro, PCPro, ITWeek, Network Computing, and Information Security. With Finjan’s award-winning and widely used solutions, businesses can focus on implementing web strategies to realize their full organizational and commercial potential. For more information about Finjan, please visit: www.finjan.com.


FBI and Serious Organised Crime Agency (SOCA) to Present Keynote on the Underground Economy at RSA® Conference Europe 2009

It has been confirmed that Keith Mularski, Supervisory Special Agent at the Federal Bureau of Investigation (FBI) Cyber Initiative & Resource Fusion Unit, and Andy Auld, Head of Intelligence, e-Crime Department, SOCA, will be giving a joint keynote on Wednesday, 21 October at 12.00pm at RSA Conference Europe 2009. Their keynote, entitled 'The Underground Economy', will discuss the inner workings of the cyber underground economy and how international law enforcement teams come together to combat cyber criminals and emerging threats.

Keith Mularski is a Supervisory Special Agent assigned to the Cyber Division of the Federal Bureau of Investigation (FBI). Mr. Mularski received his appointment to the position of Special Agent with the FBI in 1998. After attending the FBI Academy in Quantico, Virginia, he was assigned to the FBI's Washington Field Office where he investigated National Security Matters for seven years. During this time Mr. Mularski worked on a number of high profile investigations such as the Robert Hanssen espionage investigation, and the 9/11 Terrorist attack on the Pentagon.

In 2005, Mr. Mularski transferred to the FBI's Cyber Division and is now detailed to the National Cyber-Forensics and Training Alliance (NCFTA) in Pittsburgh, Pennsylvania. The NCFTA is a joint partnership between law enforcement, academia, and industry which seeks to maximize overlapping public/private resource synergies, creating a dynamic cyber-nerve-centre for tactical and proactive responses to cyber-crime. While detailed to the NCFTA, Mr. Mularski continues to work successfully with private industry subject matter experts on a number of joint cyber-crime initiatives such as the Digital Phishnet and Slam Spam projects. Mr. Mularski's emphasis has been on the development of proactive initiatives targeting organised international cyber-crime groups. Most recently, he worked undercover penetrating cyber underground groups, which resulted in the dismantling of the Darkmarket criminal carding forum.

The 10th annual RSA® Conference Europe will be held from 20-22 October, 2009 at the Hilton London Metropole Hotel, in London.


RBS Worldpay website problems down to lack of code auditing

News that RBS Worldpay's various web portals are "riddled with holes", according to a grey hat hacker, has been met with the public relations spin that you might expect.

But when you get down to basics, you realise that the reports of Unu, the Romanian hacker, about the vulnerabilities are valid enough.

So how did RBS Worldpay end up in this unfortunate position? According to Fortify Software, the application vulnerability specialist, it all comes down to what appears to be poor code auditing at the programming level.

"Coupled with lack of security soak testing, which is a must-have for any transaction processing system, RBS Worldpay's sites appear to have been hit by cross-site scripting (XSS) security problems," said Richard Kirk, Fortify's European Director.

"Of course, RBS Worldpay isn't alone in its sites having XSS problems, but it is a high profile problem, simply because the company processes card payments online for a large number of e-tailers," he added.

Even though the bank is saying that the database that Unu claims to have compromised only contained dummy data, this is turning into something of a PR disaster, said Kirk.

Banks, he explained, have to be very careful at the moment when it comes to their brand image, for the simple reason that they are being held - rightly or wrongly - as responsible for the current economic woes of the world.

This, says Fortify's director, makes them ultra-susceptible to negative publicity, especially of the type that Romanian blogger Unu has been giving them.

"What's done is done with RBS Worldpay in terms of its reputation from this incident and I wouldn't pretend to tell the bank's public relations department how to go from here," he said.

"The saga is, however, a standout lesson to other financial institutions as to what can go wrong when you don't carry out code auditing and site soak testing," he added.

For more on the Unu saga: http://preview.tinyurl.com/oauoxv

For more on Fortify: http://www.fortify.com