Security Technology News - December 2009
IT Security 'At Risk' From International Cybercrime
Posted by Security Technology News' International Correspondent on 17/12/2009 - 15:46:14
A more vigilant approach to information security is required thanks to the increasingly sophisticated methods being deployed by cybercriminals, a leading IT security expert has warned.
Speaking at the Enterprise Security 09 event, Adrian Davis from the International Security Forum said that it is becoming more challenging to protect data and information because cyber crime is becoming more international and therefore more difficult to prevent.
Davis gave a stark warning to IT security professionals: "People say: ‘we'll trap the criminals'. Yeah right."
International cybercrime
Davis explained that cybercriminals are more financially motivated. He gave an example of a recent cash machine theft in Latvia, explaining: "A group of hackers broke into a Latvian bank, reset all the PINs, then employed 400 people to go to all ATMs in the capital and withdraw the maximum amount of money, walking off with a cool £1.5 million."
Moreover, detecting and preventing cyber attacks is complicated by the fact that cybercriminals increasingly operate as international networks. Davis said: "These guys are thinking in a very sophisticated way, and they are getting quicker and more agile. They're breaking up syndicates, so somebody in Brazil will do the money laundering, someone in Russia will write the code and somebody in America will send the email."
Cloud computing security
Another speaker at the convention was Dr Guy Bunker from security advocacy group the Jericho Forum. With cloud computing a booming trend, Dr Bunker argued that organisations must work improve to understand how cloud computing affects the security environment. He said that IT managers "need to understand the consequences, and make sure that the people up the chain of command understand them as well."
Bunker also said that organisations thinking of using cloud computing must ask tough questions about their suppliers, such as: "Are the APIs open? If you're using a proprietary system _ which is fine _ but you want to change providers and there aren't open APIs to extract the data, what do you do then? Understand that the risks are not the same."
Bunker added that questioning cloud providers about the storage of data, what processes were involved in securing information and if the data would be shared further in the event of further outsourcing should be a priority for organisations investigating cloud computing.
Source _ Security International's UK Correspondent
Further resources:
Recently Added News
-
Sports Stadium Security Software Unveiled
Sport Evac software allows stadium security officials to trial new emergency evacuation procedures ahead of time
-
DMARC Technology Firms Challenge Email Spam
15 of the world's best-known technology firms are working together to try and take on the global issue of email spam
-
EU Data Protection Law Update Proposed
Uncompromising new consumer data protection laws are to be announced by European officials, bringing the 1995 Data Protection Directive up to date
-
London Olympics Drug-Testing Centre Unveiled
World-class Olympic drug-testing centre will process 6,000 athletes' samples and be in non-stop operation during the 2012 Games
Networked Video Surveillance
e-commerce company, Komplett use Milestone's IP video management software for networked video surveillance to manage shrinkage and track multi-national deliveries.