Upload
brian-mckenna
View
213
Download
1
Embed Size (px)
Citation preview
Trend Micro and Cisco have announced an ever stronger union, going
beyond the network admission control (NAC) programme
trumpeted by both vendors in recent months.
Roger Levenhagen, UK managing director for the anti-virus vendor
said that the deal will help the company in those areas where it has been
relatively weak in market share. "We don't have a significant record in
terms of hardware-based security; partnering like this gives us a route to
provide anti-virus in different formats".
Cisco’s NAC programme, based on its so-called ‘self-defending
network’ concept has involved Trend Micro on the anti-virus side.
"That was the NAC, but we have now gone farther. The whole
engagement has become tighter and we are now putting our strategies
together.
"Trend Micro customers who do not have Cisco infrastructure will
have a good reason to move” , he said.
Every Cisco router will now incorporate Trend Micro antivirus
technology, producing an outbreak prevention system at the network
level, addressing the virus life cycle and providing, it is said, real time
protection from the latest security threats.
Cisco, meanwhile, plans this year to deliver products with Trend Micro
technology integrated. It will initially integrate network worm and virus
signatures with the Cisco IDS software deployed in Cisco IOS software-
based routers, Catalyst switches, and network security appliances.
"This goes beyond an open programme to one which only we can
deliver, working with Cisco specifically” , said Levenhagen. The
development, he added, will be bad news for “ those of our direct
competition who are not addressing the threat posed by network worms
like Sasser.”
Security managers get t ing act together?Costs f rom security incidents plunge says 2004 CSI/FBI survey
Sarah Hilley
Racist spam on eve of EU electionsBrian McKenna
ne
ws
4In
fose
curity
Tod
ay
May/Ju
ne 2
004
Cisco and Trend Micro tighten collaboration around Sasser-like attacksBrian McKenna
Financial losses from security incidents are dramatically down by
around a quarter shows annual research from the Computer Security
Institute and FBI, suggesting that IT security managers are starting to
get it right.
Total losses reported from 269 security managers in the survey
plunged to $141 million compared to $201 million last year.
Chris Keating, CSI Director said: Organizations’ "average dollar losses
per year have dropped in each survey for four straight years."
The most pricey cost to businesses this year comes from denial-of-
service attacks. Theft of intellectual property, which came top last year
has been relegated to second position.
Companies are also cautious about justifying security spend. Fifty five
per cent use return on investment to examine security budget — 28% use
Internal Rate of Return (IRR), and 25% use Net Present Value (NPV).
"Our survey respondents appear to be getting real results from their
focus on information security," said Keating. "It makes sense to continue
to focus on adherence to sound practices, deployment of sophisticated
technologies, and adequate staffing and training," he said.
Far-right racist propaganda
flooded German and Dutch
inboxes in the run up to the
European Parliament elections.
The emails were sent from
computers compromised by the
W32/Sober-G worm. They
featured messages such as 'What
Germany needs are German
children' and 'Asylum-seeker
tortures animals to death’. Sober-
G is a mass-mailing worm which
sends itself to email addresses
harvested from an infected
computer. Der Spiegel reported
that 80% of the spam it received
came from a server at the
University of Rostock.
Reports say that some of the
messages explicitly refer to the
German right-wing newspaper
Junge Freiheit ("New Freedom").
This is believed to be the first
time that right wing extremists
have used spam to reach a broad
audience.The use made of the web
and email by Al Qaeda has
attracted much pundit comment
as has the growing interest of
organized crime in spamming.
"Whether this flood of racist
email is coming from right-wing
extremists, or those who wish to
discredit right-wing parties in the
run-up to the elections is unclear,"
said Graham Cluley, senior
technology consultant for Sophos,
in a statement.
"Whoever is responsible for this
spam attack is breaking the law —
using computers which have been
virus infected to spread their
offensive messages. All computer
users should ensure their systems
are properly protected against
viruses and hackers to prevent this
kind of abuse."
Martino Corbelli, director of
marketing at Surf Control,
commented that there has been a
“ significant increase in ‘hate and
violence web sites’ — 300% since
2000, and 26% in the first four
months of this year. Some of the
material there is very extreme, and
is hosted on white supremacist,
gay-hate, and anti-semitic sites, as
well as on Islamic fundamentalist
sites.
“ Such people find validation for
their views on the web. As for
spam, it will soon be 80% of all
email, and it is clear that
spamming techniques are being
shared in the underground among
virus writers, criminals, and now
political extremists” .
Marcus Ranum, analyst at
TruSecure and computer security
expert, commented that: “ there
was a similar ‘issue’ with the
Tamil rebels’ email flooding the
Sri Lankan government's in-box in
1998 — accounted by some to be
‘cyberwarfare’. The attack was a
whopping 800 messages per day!
“ Is this a business issue? Only
for businesses that are too stupid
to install a $19.95 spam blocker,
or a free tool like bogofilter” .
Covelli cautioned, however, that
employers who allow such hate
mail to flood their workers’
inboxes could find themselves sued.