Securing the network

There was no Y2K bug to keep IT staff in the office on the eve of this new year, but there are some things that network administrators should be on the lookout for in 2001, according to analysts. There are threats out there, they warn, and although they might not carry the same sense of doom that the potential of Y2K did, that does not mean they should be ignored.

One of the threats that analysts predict will have a great impact in 2001 is something that was seen in the first quarter of last year.

John Pescatore, research director of network security at Stamford, Conn.-based Gartner Group, said he believes there will definitely be some more big denial-of-service attacks. He explained that there will be two kinds seen: the distributed denial-of-service (DDoS) attacks like the ones seen last year, and attacks against domain name systems (DNS).

“Both of these things…are things that we have known have vulnerabilities for quite some time, but it’s only very occasionally that anybody exploits them,” Pescatore said. “I think that next year we’re going to see that happen in a big way with some high-visibility attacks.”

Chris Byrnes, vice-president with the META Group in San Diego, agreed with Pescatore.

“The hacker community is gearing up for a series of attacks 10 to a thousand times worse (than last year),” he said. “There are huge numbers of the slave systems being planted out there, where they infect a computer with the ability to launch denial of service – they’re ready to pull the trigger on it.”

Byrnes noted the attacks were being looked at as potentially occurring last month or this month, but for some reason it appears as if the timeframe has been pushed back.

“We’re not sure why – the hacker community has backed off a little bit. They’re waiting for some trigger event we don’t understand. But when it happens, it’s going to be extremely nasty. We may even see the Internet crash,” he said.

So what’s a network manager to do? Pescatore suggested they should pressure their ISPs and telecom providers to strengthen their infrastructure against those types of attacks when renewing contracts. They should ask their providers what type of protection they are being offered, and be aware of the measures those providers are taking.

Trojan horse viruses will be another threat network administrators can anticipate seeing more of, according to META Group’s Byrnes.

“The poster child here (for Trojans) is Microsoft,” he said. “What’s happened is that every organization in the world has put in virtual private connections to their employees’ homes because it’s cheap and easy. The Trojan authors have figured out how to make use of that. So for every home connection into a corporate network, we have a potential security opening and as Microsoft proved, that can be pretty bad.”

Because of the anticipated rise in these virus attacks, Byrnes stressed that everyone with a VPN connection should implement a personal firewall. In fact, he said that is the imperative technology in which enterprises should be investing.

Gartner Group’s Pescatore cited three other technologies that he sees getting more widespread attention from enterprises this year.

“I think remote access virtual private networks…that’s going to be a biggie. Web server security products – kind of intrusion prevention versus intrusion detection – that’s going to be a major deal,” he said. “And the final one is secure sockets layer (SSL) acceleration.”

He explained that when people start using their Web servers for e-commerce, and start to use encryption on the Web server, they find it slows things to a crawl, so they discover a need to add acceleration software.

“Right now we’re seeing that growing very rapidly, along with load balancing,” he added.

Another thing for network administrators to consider is compliance with privacy regulations, according to Byrnes. He suggested getting a head start on complying with the regulations, instead of waiting until the last minute.

“The Canadian government has passed some fairly extreme privacy regulations. While it only affects a few industries right now, it will affect all of them within four years, and it’s going to take some companies more than two years to come into compliance.”

Byrnes was referring to Canada’s Personal Information Protection and Electronic Documents Act – otherwise known as Bill C-56 – which went into effect on Jan. 1. The law requires companies that collect personal data to offer certain guarantees regarding how their information is collected and used.

For example, a company will require consent from people before it can collect their data, and will require consent before it can do anything with it. The law also requires that these companies appoint someone to be responsible for their privacy conduct.

The law will initially apply only to some federally regulated businesses, including telecommunications firms, banks, airlines and broadcasting organizations. But in four years, almost all businesses will be affected.

Looking ahead at security trends, Canadian enterprises will be jumping on board the services bandwagon, according to IDC Canada’s Dan McLean, a research manager with the firm in Toronto. That is where he said research indicates companies will be spending their dollars.

“I would think that in the year ahead, you’re going to see a lot of Canadian companies looking to take advantage of some of those security consulting services, in order for them to really get a handle on what it is they should actually be doing,” he explained. “They’ll do that to get an idea as to what approach they should be taking, and what they should be implementing.”

Security services in general will have a fairly significant uptake in the following year, he said.