Special focus: IT security
There are myriad security challenges facing IT professionals today: personal computers that get hacked, viruses hijack machines, and keystroke loggers steal passwords which end up on public web sites. Yet the amount of security-critical transactions conducted on such systems is steadily increasing.
There are also mobile devices such as smartphones and tablet PCs, increasingly being used for critical transactions and projected to replace PCs as the web access device of choice. All these computing devices are in use in modern businesses and their effective management poses a growing challenge to the IT professional.
Selected it-security news
A lack of information security skills among the UK’s IT workforce is hampering the fight against cyber criminals, according to the latest research from the IET.
Oracle has released a major security update for the version of Java programming language that runs inside Web browsers.
InfoSec Skills will launch competitions testing IT security skills of business leaders as part of the Cyber Security Challenge.
Companies experience cyber attacks up to once every three minutes, a report says.
Hackers have apparently broken into at least two of North Korea's government-run online sites.
Cyber security experts from industry are to operate alongside the intelligence agencies for the first time.
This week's cyber-attack on South Korean broadcasters and banks may not have originated in China.
A hacking attack on three South Korean broadcasters and two major banks has been identified by most commentators as North Korea.
Several official BBC Twitter accounts were hacked today by what appeared to be pro-Syrian government hackers.
Computer networks at two major South Korean banks and three top TV broadcasters went into mass shutdown today.
North Korea has blamed South Korea and the United States for cyber attacks that temporarily shut down websites.
Cyber experts said it was important to recruit a broad range of people after a chemist won a cyber security competition.
Researchers at the Fraunhofer Institute for Secure IT have developed security software to enable the use of Android smartphones for access control.
Security firm Secusmart has developed a crypto plug-in for the Blackberry 10 smartphone which, it claims, turns it into the first widely-available smartphone to meet government-level Classified security levels.
Orange and security firm Morpho have announced a mobile identity management system specifically designed for the healthcare sector.
The Ministry of Defence is to recruit a new force of "cyber reservists" to bolster the uK's online defences.
IT specialists should consider becoming police volunteers to help stop cyber criminals, the Security Minister is to suggest.
Chinese telecoms equipment manufacturer Huawei is working with one of its toughest critics to reduce its hacking vulnerabilities
William Hague will warn a conference in Budapest that cybercrime is one of the greatest challenges facing the world.
Cyber security experts across Europe are taking part in the EU's biggest cyber security exercise.
GCHQ has unveiled an online security competition to identify future espionage recruits and raise awareness of cyber attacks.
Microsoft has warned a newly discovered bug in its Internet Explorer web browser makes PCs vulnerable to attack by hackers.
Finalists of the Cyber Security Challenge UK competition have visited GCHQ to find out more about cyber security.
The inventor of the World Wide Web has denied there is an 'off' switch that could turn off the Internet across the globe.
A second suspected member of LulzSec was arrested on charges he took part in a computer breach of Sony Pictures Entertainment.
A cyber espionage campaign targeting Iran and other parts of the Middle East has widened, according to security experts.
Intel security experts are working on finding ways to protect automobiles from electronic bugs and computer viruses.
Gaming company Blizzard has confirmed that hackers have stolen some account details of its users.
South Korean police have arrested two computer programmers on suspicion of hacking personal data of 8.7 million KT subscribers.
A cyber espionage campaign targeting Iran and other Middle Eastern countries has been uncovered by security experts.
Up to 300,000 computer users around the world are at risk of losing internet access due to a computer virus.
The Ministry of Defence has extended its cyber security agreement with BT as it defends its networks against increasing threats.
LulzSec hackers have admitted they were behind cyber attacks against the CIA, the NHS and the Serious Organised Crime Agency.
Internet service providers will start warning their customers who illegally download files as Ofcom cracks down on online piracy.
LinkedIn says it is working with the FBI after the theft of around 6.5 million member passwords.
Digital risk management and investigations consultancy Stroz Friedberg has cautioned UK law firms that their failure to tackle online security will leave clients vulnerable to hackers.
Social networking site LinkedIn has warned millions of users to reset their passwords after security information was stolen.
Governments need to work together to stop cyber-attacks and operating systems must be redesigned, Eugene Kaspersky, the founder of Kaspersky Lab says.
The BBC’s boss says the company suffered a ‘sophisticated cyber-attack’ after an attempt by Iran to undermine its Persian Service.
NASA has said that hackers gained access to mission-critical projects in 13 major network breaches last year.
Network security company GFI Software released its VIPRE report showcasing the ten prevalent threat detections encountered by its GFI VIPRE Antivirus users in January 2012. The malware attacks target a range of victims including gamers, small businesses and government organisations.
Anti-virus company Avast has revealed hackers are now targeting children’s gaming websites to spread malware and hack into the home network.
Mozilla’s reported plan to implement ‘silent’ background updates in the upcoming version of Firefox 10 has been questioned by security company Lieberman Software.
IT security firm Sophos has revealed the top twelve countries responsible for spam messages from its Q3 2011 report, the ‘Dirty Dozen'.
The death of Libyan dictator Muammar Gaddafi is driving huge public interest in viewing photos and videos of his last moments - and providing cybercriminals with an opportunity to ensnare the morbidly curious surfers.
Spammers will take advantage of Twitter’s enablement of user targeting by UK brands, warns information security firm Sophos.
Brooklands College will be using IT security firm Sophos for its two-site network in Surrey and Kent against an increase in viruses and malware threats.
Seventeen per cent of UK employees consider accessing social networks from the workplace ‘a major risk’ to enterprise security – and many are calling for clearer guidelines on social media usage on behalf of their employers.
Hackers spied on about 300,000 internet users in Iran last month after stealing security certificates from a Dutch IT firm.
WikiLeaks has been the target of a cyber attack as it released thousands of previously unpublished U.S. diplomatic cables.
Increased pressure to improve the speed and security of file transfers from customers and partners is creating vulnerabilities in enterprise security procedure.
The Cyber Security Challenge UK has launched a competition challenging participants to detect hacker activity on Linux systems.
Hackers at the Defcon convention managed to trick employees at some of the largest U.S. companies to help them steal data.
China's top paper has dismissed as "irresponsible" suggestions that the country is linked to large-scale internet hacking.
Smartphones are overtaking laptops as the mobile device of choice for enterprise workforces, bringing another headache for IT departments to contend with.
Business software company SAP says it will release a patch to customers to fix a security flaw in its software.
More than 30 North Korean hackers were hired by a South Korean crime ring to steal personal data from South Korean gamers.
McAfee has uncovered the biggest series of cyber attacks to date, involving 72 organisations targeted including the UN.
A teenager believed to be a leading member of the Anonymous and LulzSec hacking groups has been released on bail.
Un-patched and often pirated versions of Windows XP are a main target for rootkits infections, according to the AVAST Virus Lab.
It should be much easier for blind and visually impaired mobile users to tell who is calling them if a system being showcased at this month’s Mobile World Congress in Barcelona takes off.
Network security companies must innovate or die
Governance is playing an increasingly important part of information security within enterprises.
The spot market in European Union emissions permits may re-open next week following a cyber attack that resulted in nearly 30 million euros (£26 million) of carbon permits being stolen.
Chief information officers must ‘re-imagine’ IT to support growth and competitive advantage, say findings from the ‘2011 CIO Agenda’ survey.
Half a million required to keep up with projected UK demand over the next five years, says e-Skills survey.
The value of the enterprise network and data security market is set to exceed $10bn by 2016.
Registration for the SANS London 2010 event shows an 11 per cent increase of women students for Security 560, ‘Penetration Testing and Ethical Hacking’ providing further evidence that more women are breaking into the sector, and may now account for 17 per cent of IT security practitioners.
What’s been launched as the UK’s ‘first hunt for future cyber security professionals’ has begun.
Up to 35 per cent of organisations suspect that their most sensitive internal information has been illicitly passed over to competitors – most probably by former employees.
Google is urging its employees to dump Microsoft Windows in favour of Mac OS and Linux citing security concerns, say reports.
Twenty-five per cent of IT administrators have voted ‘Securing remote access’ as the issue that most keeps them a peaceful night’s sleep, while 15 per cent said ‘keeping virus definitions up to date’ was their second biggest nocturnal concern.
The Information Security Forum (ISF) has launched a series of initiatives designed to lead toward a industry standard for managing information security requirements for enterprise third-party relationships.
Kaspersky Lab is considering developing its new PURE home security software to become an operating platform for which approved third parties will be able to develop updates and plug-ins.
Social media and Cloud Computing have increased the vulnerability of UK companies and public sector organisations to new cyber threats, with hacking and denial of service attacks having doubled since 2008.
More than half of information security professionals received salary increases in 2009, according to the surveyed for the (ISC)2 2010 Career Impact Survey, while less than five per cent of participants lost their jobs.
The art of war, and the art of information security, are closely aligned, claims a new book ‘Assessing Information Security: Strategies, Tactics, Logic and Framework’ that applies the principles of Sun Tzu’s classic text to online threat combat.
South Africa’s hosting of the 2010 Soccer World Cup will make it the target of an intense cybercrime wave in the lead-up to the FIFA tournament in June, security experts have warned.
Kaspersky Lab CEO Eugene Kaspersky has called for more global regulation in the fight against online threats. Speaking to E&T at InfoSecurity Europe 2009, Kaspersky said that the era of the unregulated Internet has passed, and that the notion of unregulated public networks was not realistic when economies could be wrecked by cyber-criminals.
The Internet firewall is 'dead', according to IT security start-up Palo Alto Networks. Speaking live on the third of E&T's exclusive video bulletins from Infosecurity Europe 2009, director of corporate marketing Franklyn Jones says that with enterprises increasing their use of online applications, the traditional concept of a protective traffic gateway needs reinvention.
Cyber-criminals are continuing to show increasing interest in targeting the Apple Mac community and users can expect a slew of new Mac-specific malware and Trojans, Sophos senior technology consultant Graham Cluley has warned, speaking exclusively in the fourth of E&T magazine's video bulletins from InfoSecurity Europe.
A network of 1.9m malware-infected computers has been identified by web gateway vendor Finjan’s Malicious Code Research Center (MCRC). Corporate, government, and consumer computers around the world were infected by the malware, the company claims.
Companies are leaving themselves vulnerable to employees’ ‘purposeful flouting’ of the rules when it comes to information security, claims a survey by certification company (ISC)2.
Over 30 per cent of human resources departments and business managers admit to searching for potential and current employees’ social networking profiles for information about their background and behaviour - and 24 per cent of those say that they have been put off by something they have found.
Ninety per cent of IT managers in the educational sector view anonymous proxies to be a problem, compared with 51 per cent in the private sector. Anonymous proxies are the most popular way to bypass an organisation’s Internet filtering: thus connected, users can surf any website unmonitored, even if it should have been blocked by a Web filter.
‘Application security’ tops a global list of most commonly-searched-for IT security terms according to an analysis of current Google search trends and volume statistics by risk management firm ArmstrongAdams. Data loss and PCI DSS ranked highest in terms of UK originated searches in December 2008.
Selected it-security features
As point-of-sale systems embrace mainstream software, they will have to deal with the security threats that come with it. After all, what cybercriminal wouldn't go after Windows-based devices handling credit and debit cards?
More and more organisations are being targeted in cyber-attacks, and they must get to know their enemy if they are to protect vital networks. Meet the professional, ethical hacker.
'Grey hat' apps are a new phenomenon in software that enable street hackers to delve into your smartphone and access your data, and more besides.
A fake hack attack can be as damaging as a real one and they're becoming increasingly common.
How has Google's Android smartphone operating system managed to become so successful?
Proposed amendments to the EU data privacy laws propose to swap-out carrots for sticks in a redoubled effort to get European organisations to do a better job to protect everyones' data.
Global militant organisations are tapping into the vulnerabilities in mobile technologies for propaganda and recruitment, as well as to filch data for financial gain.
Channelling voice calls over IP networks has brought many advantages to enterprise communications, but it also creates some security risks.
IT is one of the most rigorously regulated parts of an organisation, and legislation affecting information security is spearheading the legal changes.
With users accessing systems from ever more obscure points of entry, how do you keep control of access privileges? We look at the software that may have the answer.
PC operating systems are full of security holes, which is why some are now turning to software first developed for 'hidden' computers to better protect them
Data breaches like the one that affected Sony aren’t the end of the world if companies are honest with customers who have been affected.
Japan's Internet infrastructure withstood quake and tsunami, but was also left working for cyber-criminals to exploit the anguish of survivors desperate for information
Latest-generation CCTV cameras are bringing intelligent observation to some of the world’s most scrutinised cities. E&T zooms in on the innovations.
Cyberwar threats are all too real, E&T investigates.
Posing as an IT consultant, Colin Greenless performed a penetration test on a FTSE-listed financial services firm. One or two tricks of social engineering gave him free access to some very useful - and very valuable - information.
Ever-escalating spam levels are close to tearing the commercial guts out of any business and organisation that relies on email as a primary method of business communication.
Despite all the warnings, all the headlines, and all the headaches, there are some security basics that we just keep leaving undone: Graham Cluley names them.
IT security specialists want recognition and acclaim from their managers – but gaining the proper qualifications to endorse their status is not clear-cut.
Bloxx Tru-View could be on the list of organisations worried about what their staff are downloading from the web.
Any IT security can be circumvented by hackers who target the human factor - but risk can be minimised
"Africa is abundant with engineering opportunity. We look at some of the projects and the problems."
- UK just six hours from running out of gas in March [09:02 pm 24/05/13]
- Ideas for a final year university project [05:55 pm 24/05/13]
- Fourth Generation Nuclear: Molten Salt Reactors [10:39 am 24/05/13]
- LED bulb efficiency - its all about the drivers not the LEDs? [09:52 am 24/05/13]
- Marketing from Engineers' perspective [02:18 am 24/05/13]
Tune into our latest podcast