'Drive-by' hacking a real threat

X-Force -- an Internet Security Systems anti-hacking team -- takes its job very seriously, even taking to the streets of Sydney for security threat analysis in the form of 'drive-by hacking'. A recent analysis conducted by the X-Force team in Australia tested the security of wireless networks operating within Pitt St, Sydney -- a major retail and business centre. The team discovered 12 wireless networks that were easily accessible and vulnerable to hacking. According to Kim Duffy, managing director, ISS, this type of test is a regular one for the X-Force team, and known in security circles as 'drive-by hacking'. Armed with the appropriate knowledge, tools of the trade and access to technologies, it is quite easy to hack into certain wireless networks without leaving the comfort of your vehicle. "You can wander along the street, see a target and try to penetrate their network, all without leaving your car," said Duffy. 'Drive by hacking' is just one form of threat analysis conducted by X-Force for companies within Australia, and around the world. Based in Atlanta, and working with organisations such as the FBI and Interpol, as well as Queensland-based Australian Computer Emergency Response Team (AusCERT), X-Force is designed to expose vulnerabilities and security flaws before hackers have a chance to exploit, or expose these. X-Force offers two main types of threat analysis and security testing;

Vulnerability assessment: Reviews procedures already in place, from policy level through to enactment

Penetration testing: The next level, which exposes weaknesses and potential areas of malicious penetration

A recent KMPG survey outlined the need for organisations to develop, and install, security solutions. According to the survey, 41 percent of 500 executives within multinational companies believe their company is susceptible to a serious security breach. Of this number, 60 percent believe that it can be solved with technology. Duffy believes that businesses continue to underestimate security as an issue for businesses working in the online space. While larger organisations are beginning to spend more money on ensuring the security of networks and systems, according to Duffy, they are not always successful. "We have seen some terrible (cases of poor security)," said Duffy. "There are some organisations where at administrator level, they still have their passwords set at 'password' (the system default)." This often happens at the "engine room level", because the technical staff believe "they are in control and therefore, they are safe", said Duffy. Another common belief in organisations is that one type, or level, of security is enough. "Some of these organisations are of the view (that) you just put in a firewall and you are safe," claimed Duffy. "But a firewall is like having a front gate but not having a fence." Layering security for maximum defence
Duffy believes effective security involves layers of defence and offers the following layers as an example of a secure system.

First level is the perimeter defence which should involve a firewall and/or authentication system.

The second level involves intrusion detection, allowing administrators to recognise and track intruders.

The third level relates to server security and involves scanning devices, active blocking and the like.

Duffy added that PC-protection or desktop security -- in the form of authentication, scanning devices, and antivirus software -- is another element which should not be ignored. According to Duffy, another "area of defence" involves e-business. Organisations communicating or transacting over the Internet are exposed to the vulnerabilities present in the networks of their business partners. "You can have the best security system in place, but the minute you work with another company, you are vulnerable to their security measures...a chain is only as strong as the weakest link," said Duffy. The emergence of security auditing and certification is assisting in business partnerships by easing these concerns. For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Viruses and Hacking News Section. Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum. Let the editors know what you think in the Mailroom. And read other letters.