Hackers Claus havoc at Xmas – shows study!

London – December 2009 – As the holiday season starts to ramp up businesses are being warned about the need to secure their IT defences against the onslaught of hackers who are ready to take advantage of skeleton staff running IT departments over the holidays.

According to Michael Hamelin, chief security architect with Tufin Technologies, the security lifecycle management specialist the Christmas and New Year - holiday periods are the times when the heavy-duty hackers come out to play.

"And whilst you're doing your shopping or putting your feet up, our research shows that the would-be `Neos' of this world stop watching their DVD box sets of Matrix, and start hacking business computer systems," he said.

"Our survey of 79 hackers at the annual Defcon 17 event in Las Vegas back in August revealed that 81 per cent of the hackers view the holiday season as the ideal time for hacking business computer systems," he said.

Whether this is for mischief or criminal purposes, the effect is usually the same, said the security professional, adding that businesses come back to the offices after the holidays to find that the hackers have caused havoc with their IT systems, as well as gaining unauthorised access to the system's data.

Tufin's research revealed that 52 per cent of hackers said they preferred weekday evenings to gain unauthorised access to computer systems, whilst 32 per cent hacked away during weekday office hours, and just 15 per cent spent their weekend breaking into online systems.

"It's received knowledge in the security world that the Christmas and New Year season are popular with hackers targeting western countries," said Mr Hamelin, adding that hackers know this is when people relax and let their hair down, and many organisations run on a skeleton staff over the holiday period.

96 per cent of hackers in the survey said it doesn't matter how many millions a company spends on its IT security systems, as it's all a waste of time and money if the IT security administrators fail to configure and watch over their firewalls.

86 per cent of cracker respondents felt they could successfully hack into a network via the firewall; a quarter believed they could do so within minutes, 14 per cent within a few hours.

Just 16 per cent, meanwhile, said they wouldn't hack into a firewall even if they could.

"This may be stating the obvious," said Hamelin, "but poorly configured firewalls remain a significant risk for many organisations."

"It's not the technology that's at fault, but rather the configuration and change control processes that are neglected or missing altogether," he explained.

"Best practice suggests you should test and review your firewall configuration regularly, but many organisations fail to do so," he explained.

Validating the frustrating gap between compliance and security, 70 per cent of the hackers interviewed said they don't feel that regulations introduced by governments worldwide to implement privacy, security and process controls have made any difference to their chances of hacking into a corporate network.

Of the remaining 30 per cent, 15 per cent said compliance initiatives have made hacking more difficult and 15 per cent believe they've made it easier.

Tufin is offering some useful recommendations to make sure you don't become a hacking victim over the Christmas and New Year break:

1) Always test the firewall before holidays. Review and remove any unnecessary rules and objects, as Tufin's experience has shown that many of the firewalls tend to offer functionality that was not being used or intended. A test of the gateway and the firewall will reveal the services in use, which can then be reviewed and removed as required.

2) Restrict firewall services to authorised IP addresses. Restricting services offered to only authorised address ranges effectively hides their presence to the Internet, whilst at the same time still enabling the service to be used by intended users.

3) Apply latest relevant patches and workarounds Attackers are often able to profile the firewall and VPN location and type based on the default ports in use. It is a high priority to keep a disciplined approach to patch updates.

4) Enforce session logging and alerting to detect attacks. Log and alert any and all failed port scans or attempted connections to VPN and firewall management ports. This will help to detect potential hacker attacks and take preventative action.

5) Spring clean your firewall policy. If any default ports are detected, organise a spring clean of the firewall policy configuration to ensure there are no hidden errors resulting from a default installation.

6) Set a limit on the number of failed authentication attempts. Lock out an account and raise an alert flag after a set number of failed authentication attempts.

And on a lighter note………….

7) Don’t open up those “home shopping services” to help your colleagues get their shopping done on time.

8) Just because it’s Christmas does not mean that you should throw out the rule book about opening “presents” from anonymous donors.

9) Don’t invite strangers into your network during the annual Christmas party.

10) It’s not the season of goodwill to ALL men so don’t leave backdoors unlocked!

Tufin™ is the leading provider of Security Lifecycle Management solutions that enable companies to cost-effectively manage their network security policy, comply with regulatory standards, and minimize IT risk. Tufin's products SecureTrack™ and SecureChange™ Workflow help security operations teams to manage change, minimize risks and dramatically reduce manual, repetitive tasks through automation. With a combination of accuracy and simplicity, Tufin empowers security officers to perform reliable audits and demonstrate compliance with corporate and government standards. Founded in 2005 by leading firewall and business systems experts, Tufin serves more than 400 customers in industries from telecom and financial services to energy, transportation and pharmaceuticals. A respected member of the network security community, Tufin partners with leading vendors including Check Point, Cisco, Juniper, Fortinet and F5, and is committed to setting the gold standard for technological innovation and dedicated customer service. For more information visit www.tufin.com, or follow Tufin on: Twitter at http://twitter.com/TufinTech,

LinkedIn at http://www.linkedin.com/groupRegistration?gid=1968264,

FaceBook at http://www.facebook.com/home.php#/group.php?gid=84473097725

The Tufin Blog at http://tufintech.wordpress.com/

The Tufin Channel on YouTube at http://www.youtube.com/user/Tufintech