Vulnerability assessment is no longer an ad hoc luxury


Johannesburg, 19 Aug 2003

The risk of information security vulnerabilities in the global (and more specifically, the South African) business landscape is, unfortunately, ever-increasing and alarmingly constant.

Exploits are being used to compromise vulnerable systems on an ongoing basis, and the time frame from vulnerability to exploitation appears to be narrowing to mere weeks. This narrowing period has substantial implications for business, as attacks on systems continue to surprise unprepared organisations.

Business must now view vulnerability assessment as an essential activity that needs to take place regularly and consistently. It is no longer a conceptual expression of something consultants do on an infrequent basis.

National network integration and infrastructure support specialist Integr8 IT appreciates the gravity of the mounting number of security threats facing organisations daily, and as part of its service level agreements (SLAs), has introduced a novel, proactive and intuitive vulnerability assessment solution.

Integr8 IT has selected Beyond Security, a leading security firm specialising in vulnerability assessment technology, as its partner in this regard.

"This technology service offering, which is fully automated and currently employed by Fortune 500 companies around the globe, ensures (in conjunction with Integr8 IT's consulting skill-set) that we are able to incorporate and facilitate a turnkey managed vulnerability assessment solution into our SLAs," explains Integr8 IT manager, Bennie Strydom.

"This 'value-add' service ties in with Integr8 IT's commitment to ensure that clients are aware of and protected as much as possible from the ongoing information security vulnerability threats," he adds.

The recent W32/Blaster worm that hit Microsoft systems around the world is an example of the new threats facing computer systems every single day. Although the current security alert and patch were published by Microsoft on 16 July 2003, many thousands of systems the world over have once again been compromised.

As with the Linux Slapper worm and the SQL Slammer worm before it, patches and mitigation strategies were available before the rogue code appeared.

The current threat, W32/Blaster, causes infected systems to become unstable, and even systems which cannot be infected (Windows 2003 Server) may crash as a result of attempts by infected systems to infect them.

This worm installs a "backdoor" on port 4444, and appears to contain an instruction to produce a denial of service attack against windowsupdate.com. This attack is set to begin on 16 August, and continue until the end of 2003.

"Regular automated vulnerability assessment, such as that offered by Integr8 IT, would have highlighted the Windows RPC vulnerability several weeks prior to this attack. This would have provided systems administrators ample time and information to not only patch their systems, but mitigate the risks still further by blocking any attempts to exploit this vulnerability at the organisation's firewall," concludes Strydom.


Integr8 IT

Integr8 IT (Pty) Ltd is a wholly owned network technology services and solutions company in southern Africa. Based in SA, the company employs a wealth of highly skilled and certified system engineers who are directly involved in high level consulting, support and integration.

With offices located in Johannesburg, Cape Town, Durban, and representation in Port Elizabeth, East London and Port Elizabeth, Integr8 IT spans nationally across southern Africa and the African continent. It has the people and expertise to plan, deploy, manage and maintain an information technology environment.

Whether a client seeks better control of its networked environment or is in need of practical solutions, complex or simple, Integr8 IT provides the answers with enhanced IT services.
