Credit Guide

Intrusic Demonstrates How to Protect Internal Networks from the Insider Threat

Education initiative helped enterprises and organizations to 'Know thy enemy'
Next step is choosing the right technology

WALTHAM, Mass.--(BUSINESS WIRE)--Aug. 16, 2004-- Intrusic, the first and only security software company to specifically target the Insider Threat, today concludes its "Inside the Insider Threat" series. The program has educated hundreds of enterprises and organizations on the specific methods used by malicious hackers, terrorists and industrial spies to infiltrate internal networks through stealth and espionage.
The Insider Threat remains the most pervasive security concern for companies of all sizes. The hackers who recently plead guilty to the 2003 Lowe's compromise followed the same patterns thoroughly outlined in this series: entry, reconnaissance, residency and action. According to an article from IDG News Service, the hackers entered Lowe's corporate network through a wireless LAN from which they were able to conduct internal espionage and compromise Lowe's corporate network.

"Now that enterprises understand the specific ways they can be compromised, they can greatly increase their overall security baseline," said Jonathan Bingham, president of Intrusic. "Fortunately, companies also can benefit from the emerging technologies available to combat this problem."

The most common techniques employed by digital criminals or cyber-terrorists include:

Island Hopping: Island Hopping involves compromising a home user's computer and pirating a remote access mechanism such as a VPN to infiltrate a corporate network. By exploiting the fact that enterprises and organizations allow employees trusted access to the internal corporate network from remote sites, business partners or home users, Island Hopping effectively converts a VPN from a security tool into a stealthy backdoor into a network.

Covert Data Channels: Covert Data Channels hijack Internet protocols to create a secret doorway into networks. An example of a Covert Data Channel is a Reverse Tunnel, a connection that flips the role of desktop and server, allowing information to flow from the desktop to a server.

Information Interception: Information interception describes a set of techniques to conduct reconnaissance throughout internal networks. Using these methods, an intruder intercepts arbitrary information ranging from access credentials to sensitive company materials while remaining undetected by traditional network security. Intercepting information is a good way to obtain access credentials and view information that is thought to be private, for example, voice conversations over IP, bank transactions, SSL communications, and email traffic.

Any of these techniques leaves an organization at the mercy of a rogue employee, malicious hacker or cyber-terrorist. However, solutions do exist.

Guarding Against the Insider Threat

All the techniques that are profiled in the series - Island Hopping, covert data channels and information interception - are extremely difficult to identify. Even the most technologically advanced companies often find these malicious insiders through pure luck. Zephon, Intrusic's flagship software solution, tracks dangerous covert activity across the entire network and uncovers all of the compromise methods discussed in the "Inside the Insider Threat" series.

Zephon: Protecting the Inside

The Intrusic security platform protects businesses by identifying "cloaked" insiders impersonating legitimate users who are in a position to do extreme harm to an organization. Zephon identifies compromises by utilizing a complex multi-tiered analysis architecture, which identifies discrepancies in the information flowing inside of an organization. The result is a complete, easy to understand assessment of the nature, scope, and extent of the compromise. Zephon provides companies with all of the information necessary to remove these insiders and prevent damage before it occurs. Zephon is the last line of internal network defense.

Zephon is commercially available now. Pricing is set on a per-server licensing fee. For more information, contact Intrusic at info@intrusic.com.

About Intrusic

Intrusic, Inc., based in Waltham, Mass., was founded by a group of security experts in 2002 to create a solution to one of the most insidious threats to global networks, the "Insider Threat." The real danger to enterprises, organizations and governments goes beyond perimeter attacks, but to unauthorized intruders already inside networks engaging in "noiseless action," the execution of internal espionage. Intrusic's world-class executive team has developed Zephon, a ground-breaking solution to identify compromised networks and map the full extent of the breach by providing full forensics. For more information visit us at www.intrusic.com. To stay informed with the latest from Intrusic, and to receive our newsletter, contact insider@intrusic.com.

Contacts


The Racepoint Group
Thomas C. Ford, 617-583-1337
tford@racepointgroup.com

[ Comment, Edit or Article Submission ]