Vigilinx Network Security Threat Assessment Reports Digital Security Threats Rising in the Russian Federation.Business Editors PARSIPPANY, N.J.--(BUSINESS WIRE)--July 24, 2001 Espionage, Sabotage, Sensitive Intrusion, and Computer Crimes Pose Especially Severe Threats Toward U.S. and Western Businesses U.S. and Western firms operating in the Russian Federation Russian Federation: see Russia. (RF) face severe threats to network integrity and must adopt the most stringent security measures Noun 1. security measures - measures taken as a precaution against theft or espionage or sabotage etc.; "military security has been stepped up since the recent uprising" security to protect themselves from industrial sabotage and espionage, according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. a new report by Vigilinx, Inc., the leading full service provider of digital security solutions. According to Vigilinx' three-year "threatscape" assessment, risks have escalated since 1996, when then-Russian President Boris Yeltsin “Yeltsin” redirects here. For other uses, see Yeltsin (disambiguation). Boris Nikolayevich Yeltsin (IPA: [bʌˈrʲis nʲikoˈlajevɨtɕ ˈjelʲtsɨn] ordered top state officials to close the technology gap with the West. In 2001, that mandate is much closer to reality as Russian organizations use increasingly sophisticated technologies to commit crimes. "These findings raise serious concerns for the hundreds of U.S. and Western firms that have established operations in the federation, hoping to take advantage of the nation's transition from communism to democracy," said Bruce Murphy, Vigilinx CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. . "The situation in the RF is further compounded by government initiatives and policies designed to restore a more centralized form of government, and it advocates industrial espionage industrial espionage Acquisition of trade secrets from business competitors. Industrial spying is a reaction to the efforts of many businesses to keep secret their designs, formulas, manufacturing processes, research, and future plans. to close the technological gap with Western economies." The Vigilinx report, which analyzes network security threats active within the RF from 1999 through 2001 using the firm's exclusive Threat Axis Analysis system, identifies more than 25 major security threats within seven primary network security "threat axes." These are Sensitive Intrusion; Information Warfare Also called "cyberterrorism," it refers to creating havoc by disrupting the computers that manage stock exchanges, power grids, air traffic control and telecommunications. While the term often deals with attacks against a nation, it may also refer to attacks on organizations and the ; Espionage & Sabotage; Group Causes; Malicious Codes & Their Applications; Intellectual Property Theft & Infringement; and Computer Crime. The Vigilinx report shows that three of these axes, Espionage & Sabotage, Sensitive Intrusion and Computer Crimes, pose especially severe threats toward U.S. and Western businesses. The findings include: -- Espionage & Sabotage. Highly developed espionage and sabotage techniques are a Russian Cold War legacy. The RF government controls almost all electronic paths in and out of Russia and electronic monitoring is a `fact of life' there. Therefore, the possibility that U.S. firms are already under active surveillance by Russian special services is very real. -- Sensitive Intrusion. There is an extensive body of evidence demonstrating that entities based in the RF have engaged in serious sensitive intrusions targeted against U.S. government networks, as well as networks of Western companies inside and outside the RF. -- Computer Crime. Russian computer crime rose by 60 percent in 2000. According to the FBI, more than 40 e-commerce sites in 20 states were victims of an organized hacker attack in March 2001 by hackers from Russia and the Ukraine. More than one million credit card numbers were stolen. What can companies do to protect themselves in this increasingly dangerous network security environment? The Vigilinx report recommends five steps, including: -- Establish a security plan and policy covering all company information. This policy should address information in all forms and cover everyone associated with the enterprise, including employees, customers, suppliers, partners and contractors. -- Secure the "human element" and access to sensitive information. People are the single most important element of any information security program. Advise and frequently update people concerning threats, countermeasures and their responsibilities. -- Establish and maintain physical security barriers. Facility access controls must be instituted, and proper proprietary information disposal methods used to protect against theft. -- Update, maintain, and routinely revalidate re·val·i·date tr.v. re·val·i·dat·ed, re·val·i·dat·ing, re·val·i·dates To declare valid again. re·val electronic security tools. This includes intelligence and early warning, authentication, encryption, intrusion detection See IDS and IPS. and other tools. -- Adopt a standard operating procedure standard operating procedure Medtalk A technique, method or therapy performed 'by the book,' using a standard protocol meeting internally or externally defined criteria; a formal, written procedure that describes how specific lab operations are to be performed. for contingencies and incidents. Plan for the worst, and if it happens, follow established forensics See computer forensics. procedures to the letter. "While a Western firm can operate profitably within the Russian Federation, even the most stringent security measures cannot ensure network security, especially along the Espionage & Sabotage, Sensitive Intrusion, and Computer Crime threat axes," said Murphy. The Russian Federation "threatscape" assessment is one of a series of Vigilinx knowledge products that address the need for companies and institutions to adopt focused and preemptive pre·emp·tive or pre-emp·tive adj. 1. Of, relating to, or characteristic of preemption. 2. Having or granted by the right of preemption. 3. a. digital security strategies. Developed by leading security and geopolitical ge·o·pol·i·tics n. (used with a sing. verb) 1. The study of the relationship among politics and geography, demography, and economics, especially with respect to the foreign policy of a nation. 2. a. analysts, the knowledge products promote development of effective technology solutions that can be put in place before potential threats become reality. Each of these products provides threat awareness at multiple levels - for the organization, the enterprise and for current and future global e-commerce initiatives. ABOUT VIGILINX Vigilinx is the leading full service provider of digital security solutions, offering a complete line of security products and services including security intelligence, managed security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the , knowledge products, security advisory consulting, integration services, investigation/forensics services, and training. The company has industry practices devoted to vertical markets including financial services, telecommunications, government, media and entertainment, and general services. The firm serves both mid-sized and Fortune 500 companies including Cablevision, New York Life Insurance Company The New York Life Insurance Company (NYLIC) is the largest mutual life-insurance company in the United States, and one of the largest life insurers in the world.[3] , Saks, News Corporation, Cardinal Health, The Sony Corp. of America, and Viacom. Visit the company online at www.Vigilinx.com. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion