Trend Micro and Cisco have announced an ever stronger union, going

beyond the network admission control (NAC) programme

trumpeted by both vendors in recent months.

Roger Levenhagen, UK managing director for the anti-virus vendor

said that the deal will help the company in those areas where it has been

relatively weak in market share. "We don't have a significant record in

terms of hardware-based security; partnering like this gives us a route to

provide anti-virus in different formats".

Cisco’s NAC programme, based on its so-called ‘self-defending

network’ concept has involved Trend Micro on the anti-virus side.

"That was the NAC, but we have now gone farther. The whole

engagement has become tighter and we are now putting our strategies

together.

"Trend Micro customers who do not have Cisco infrastructure will

have a good reason to move” , he said.

Every Cisco router will now incorporate Trend Micro antivirus

technology, producing an outbreak prevention system at the network

level, addressing the virus life cycle and providing, it is said, real time

protection from the latest security threats.

Cisco, meanwhile, plans this year to deliver products with Trend Micro

technology integrated. It will initially integrate network worm and virus

signatures with the Cisco IDS software deployed in Cisco IOS software-

based routers, Catalyst switches, and network security appliances.

"This goes beyond an open programme to one which only we can

deliver, working with Cisco specifically” , said Levenhagen. The

development, he added, will be bad news for “ those of our direct

competition who are not addressing the threat posed by network worms

like Sasser.”

Security managers get t ing act together?Costs f rom security incidents plunge says 2004 CSI/FBI survey

Sarah Hilley

Racist spam on eve of EU electionsBrian McKenna

ne

ws

4In

fose

curity

Tod

ay

May/Ju

ne 2

004

Cisco and Trend Micro tighten collaboration around Sasser-like attacksBrian McKenna

Financial losses from security incidents are dramatically down by

around a quarter shows annual research from the Computer Security

Institute and FBI, suggesting that IT security managers are starting to

get it right.

Total losses reported from 269 security managers in the survey

plunged to $141 million compared to $201 million last year.

Chris Keating, CSI Director said: Organizations’ "average dollar losses

per year have dropped in each survey for four straight years."

The most pricey cost to businesses this year comes from denial-of-

service attacks. Theft of intellectual property, which came top last year

has been relegated to second position.

Companies are also cautious about justifying security spend. Fifty five

per cent use return on investment to examine security budget — 28% use

Internal Rate of Return (IRR), and 25% use Net Present Value (NPV).

"Our survey respondents appear to be getting real results from their

focus on information security," said Keating. "It makes sense to continue

to focus on adherence to sound practices, deployment of sophisticated

technologies, and adequate staffing and training," he said.

Far-right racist propaganda

flooded German and Dutch

inboxes in the run up to the

European Parliament elections.

The emails were sent from

computers compromised by the

W32/Sober-G worm. They

featured messages such as 'What

Germany needs are German

children' and 'Asylum-seeker

tortures animals to death’. Sober-

G is a mass-mailing worm which

sends itself to email addresses

harvested from an infected

computer. Der Spiegel reported

that 80% of the spam it received

came from a server at the

University of Rostock.

Reports say that some of the

messages explicitly refer to the

German right-wing newspaper

Junge Freiheit ("New Freedom").

This is believed to be the first

time that right wing extremists

have used spam to reach a broad

audience.The use made of the web

and email by Al Qaeda has

attracted much pundit comment

as has the growing interest of

organized crime in spamming.

"Whether this flood of racist

email is coming from right-wing

extremists, or those who wish to

discredit right-wing parties in the

run-up to the elections is unclear,"

said Graham Cluley, senior

technology consultant for Sophos,

in a statement.

"Whoever is responsible for this

spam attack is breaking the law —

using computers which have been

virus infected to spread their

offensive messages. All computer

users should ensure their systems

are properly protected against

viruses and hackers to prevent this

kind of abuse."

Martino Corbelli, director of

marketing at Surf Control,

commented that there has been a

“ significant increase in ‘hate and

violence web sites’ — 300% since

2000, and 26% in the first four

months of this year. Some of the

material there is very extreme, and

is hosted on white supremacist,

gay-hate, and anti-semitic sites, as

well as on Islamic fundamentalist

sites.

“ Such people find validation for

their views on the web. As for

spam, it will soon be 80% of all

email, and it is clear that

spamming techniques are being

shared in the underground among

virus writers, criminals, and now

political extremists” .

Marcus Ranum, analyst at

TruSecure and computer security

expert, commented that: “ there

was a similar ‘issue’ with the

Tamil rebels’ email flooding the

Sri Lankan government's in-box in

1998 — accounted by some to be

‘cyberwarfare’. The attack was a

whopping 800 messages per day!

“ Is this a business issue? Only

for businesses that are too stupid

to install a $19.95 spam blocker,

or a free tool like bogofilter” .

Covelli cautioned, however, that

employers who allow such hate

mail to flood their workers’

inboxes could find themselves sued.