For TechRepublic, I'm Bob Artner. We want to talk today about backdoor or second-generation security attacks. To illustrate my point, I've drawn the world's most simplified security outline. Here we go. On the one hand, we've got the bad guys. On the other hand, we've got the corporate jewels. What are they trying to get after? Usually your company Web site, your company e-mail server, and by extension the rest of the storage on the network. So, you know what happens, they come after you right away, right in your face. Deny service attacks into the company Web site, try to overwhelm your e-mail servers with volume and with viruses.
So what do you do? You respond as a security professional by putting firewalls, increasing firewalls, adding authentication into the company Web sites, having corporate anti-virus screening at the server level, and you say to yourself, "My problems are over. Everything is perfect." Well, it's not like that. What happens now? Your backdoor attacks. Bad guys, they're not stupid, whether they were, they recognize the security is stronger here, so they come in and they look at end users, and then they look at your vendors. They say, "You know what, we can't get in through here perhaps, but end users connect to company e-mail servers through VPNs, or through dialogue, so we'll go and attack here. We'll try to get a vulnerability here because they might not even have a firewall at their house, or their apartment, or if they do it's probably pretty weak, or it's got a standard 'change me' as the default firewall password." Or they'll go and will try to get a vulnerability at a vendor site who's connected to you through the Xtranet, and then they get into your corporation that way.
So, what you have to say to yourself as a network security professional is, you know this stuff is important. It's necessary, but it's not sufficient. I've got to go now and secure the weakest links in my security chain and close down the back door.
