Local Government

CyberSight and Local Government

Most local authorities, whilst aware of the many threats to their systems, are often uncertain as to the level of protection offered by their legacy security products. There are threats, undetectable by existing security products, that can shut down firewalls, render IDS systems useless and allow data of any kind to be freely copied, corrupted or transmitted. It is even possible to inflict physical damage on systems. Existing security vendors may be understandably unwilling to admit this. The fact is that in spite of all the security products currently available the volume of attacks on systems, both internal and external, is increasing dramatically.

CyberSight™ from Cryptic Software is leading the fight against these new types of threat with capabilities to detect and eliminate known and, more importantly, unknown threats before they can take effect. CyberSight™ also provides many facilities that are not available from any other product; for example, real-time hardware and software auditing at the press of a key, remote client monitoring, remote administration, evidence gathering, process monitoring and much, much more. A brief list of primary functionality is overleaf and additional information is available on request.
CyberSight V7 - a complete, cost effective, solution for Local Government Security & Administration

Computer Security Institute security survey

Ninety percent of survey respondents detect cyber attacks, 273 organizations report $265,589,940 in financial losses

SAN FRANCISCO -- The Computer Security Institute (CSI) announced today the results of its fifth annual "Computer Crime and Security Survey." The "Computer Crime and Security Survey" is conducted by CSI with the participation of the San Francisco Federal Bureau of Investigation's (FBI) Computer Intrusion Squad. The aim of this effort is to raise the level of security awareness, as well as help determine the scope of computer crime in the United States.

Highlights of the "2000 Computer Crime and Security Survey" include the following:

Ninety percent of respondents (primarily large corporations and government agencies) detected computer security breaches within the last twelve months.

Seventy percent reported a variety of serious computer security breaches other than the most common ones of computer viruses, laptop theft or employee "net abuse"--for example, theft of proprietary information, financial fraud, system penetration from outsiders, denial of service attacks and sabotage of data or networks.

Seventy-four percent acknowledged financial losses due to computer breaches.

Forty-two percent were willing and/or able to quantify their financial losses. The losses from these 273 respondents totaled $265,589,940 (the average annual total over the last three years was $120,240,180).

Financial losses in eight of twelve categories were larger than in any previous year. Furthermore, financial losses in four categories were higher than the combined total of the three previous years. For example, 61 respondents quantified losses due to sabotage of data or networks for a total of $27,148,000. The total financial losses due to sabotage for the previous years combined totaled only $10,848,850.
As in previous years, the most serious financial losses occurred through theft of proprietary information (66 respondents reported $66,708,000) and financial fraud (53 respondents reported $55,996,000).

Survey results illustrate that computer crime threats to large corporations and government agencies come from both inside and outside their electronic perimeters, confirming the trend in previous years. Seventy-one percent of respondents detected unauthorized access by insiders. But for the third year in a row, more respondents (59%) cited their Internet connection as a frequent point of attack than cited their internal systems as a frequent point of attack (38%).

Based on responses from 643 computer security practitioners in U.S. corporations, government agencies, financial institutions, medical institutions and universities, the findings of the "2000 Computer Crime and Security Survey" confirm that the threat from computer crime and other information security breaches continues unabated and that the financial toll is mounting.

Respondents detected a wide range of attacks and abuses. Here are some other examples:
For the second year, we asked some questions about electronic commerce over the Internet. Here are some of the results:
Patrice Rapalus, CSI Director, suggests that the "Computer Crime and Security Survey," now in its fifth year, has delivered on its promise to raise the level of security awareness and help determine the scope of crime in the United States. "The trends the CSI/FBI survey has highlighted over the years are disturbing. Cyber crimes and other information security breaches are widespread and diverse. Ninety percent of respondents reported attacks. Furthermore, such incidents can result in serious damages. The 273 organizations that were able to quantify their losses reported a total of $265,589,940. Clearly, more must be done in terms of adherence to sound practices, deployment of sophisticated technologies, and most importantly adequate staffing and training of information security practitioners in both the private sector and government."

Bruce J. Gebhardt is in charge of the FBI's Northern California office. Based in San Francisco, his division covers fifteen counties, including the continually expanding "Silicon Valley" area. Computer crime is one of his biggest challenges. "If the FBI and other law enforcement agencies are to be successful in combating this continually increasing problem, we cannot always be placed in a reactive mode, responding to computer crises as they happen. The results of the CSI/FBI survey provide us with valuable data. This information not only has been shared with Congress to underscore the need for additional investigative resources on a national level but identifies emerging crime trends and helps me decide how best to proactively, and aggressively assign resources, before those 'trends' become 'crises.'"

CSI, established in 1974, is a San Francisco-based association of information security professionals. It has thousands of members worldwide and provides a wide variety of information and education programs to assist practitioners in protecting the information assets of corporations and governmental organizations.
The FBI, in response to an expanding number of instances in which criminals have targeted major components of information and economic infrastructure systems, has established the National Infrastructure Protection Center (NIPC) located at FBI headquarters and the Regional Computer Intrusion Squads located in selected offices throughout the United States. The NIPC, a joint partnership among federal agencies and private industry, is designed to serve as the government's lead mechanism for preventing and responding to cyber attacks on the nation's infrastructures. (These infrastructures include telecommunications, energy, transportation, banking and finance, emergency services and government operations). The mission of Regional Computer Intrusion Squads is to investigate violations of the Computer Fraud and Abuse Act (Title 8, Section 1030), including intrusions to public switched networks, major computer network intrusions, privacy violations, industrial espionage, pirated computer software and other crimes.

Copyright 2000

Security breaches soar in US

Some 90 per cent of US companies reported some form of security breach last year, costing them $265m, according to FBI figures. Loss of customer goods accounts for 29 per cent of these costs, while loss of staff time accounts for 22 per cent, money loss 23 per cent and loss of revenue 18 per cent.

The figures are revealed in the ePrivacy & Security Report, published this month by researcher eMarketer, which includes data from various sources showing how privacy and security issues impact companies and their customers.

Hacking is growing at an alarming rate, with the number of reported hacking incidents increasing from 4942 in 1998 to 17,672 in 2000, according to the Computer Emergency Response Team, a federally funded centre for the study of internet security vulnerabilities.
FBI data for 2000 shows that viruses top the range of reported breaches experienced by some 85 per cent of companies, followed by 79 per cent reporting employee abuse of the internet. Unauthorised access by outsiders was reported by 71 per cent of companies, and denial of service by 27 per cent.

Chris McNab, network security analyst at MIS Corporate Defence Solutions, said the UK will "reflect a similar pattern to the US", but added that "our figures could be worse because we are behind the US in terms of information security".

SECURITY By Jo Ticehurst [22 Jan 2001]

UK Government Site Double Hacked

Swindon Borough Council's website was defaced twice by two different hacker groups at the weekend. The site, www.swindon.gov.uk, was one of many government and military websites around the world to be defaced on Saturday by a hacking group called Pentaguard, which has been responsible for around 40 hacks over the last year. Other sites attacked were UK government website www.bseinquiry.gov.uk and Australian government website www.brighton.tas.gov.au.

Swindon's site was then hacked again on Sunday by a group or individuals known as "Krab". The defacement was still visible on Monday morning. A spokeswoman for the borough council said: "Our ISP now has the website up and running, and we are conducting an investigation into whether there are any gaps in security." "There is no confidential information on the site," she added.

According to Chris McNab, network security consultant at MIS, the website is running Microsoft's Internet Information Server (IIS) 4.0 on Windows NT. "If they had installed the latest patches like any good systems administrators, then they wouldn't have had this problem," he said.

The Swindon website joins a long list that have been defaced by hackers exploiting the vulnerability in IIS 4.0. Earlier this month, another borough council - Bury - was hacked. At the beginning of the year, Boots' website was defaced using the same vulnerability.
According to attrition.org, which mirrors compromised websites, NT was the most hacked server operating system last year.

Insurance firms are hoping for a boom in business as companies scramble to protect themselves against the rise in computer crime. Internet fraud, email abuse, hacking and viruses are among the crimes set to rise over the next 20 years, according to research commissioned by the Association of British Insurers (ABI).

According to the report - Future Crime Trends in the United Kingdom - which was prepared by independent research group Building Research Establishment, increasingly sophisticated hacking tools will make these crimes easier to commit, even for the unskilled. Of even greater concern, it predicts that specialist "hackers for hire" will pose an increasing threat to the security of corporate systems.

Mary Francis, the ABI's director general, said: "I hope the research will help organisations identify some of their vulnerable points, and encourage them to build as much protection as possible into their information systems." "Insurance products are continually developing to meet the demands of new technology, but, as ever, prevention is better than cure, and we must all do what we can now to prevent these crimes before they have a chance to start," she added.

A spokeswoman for the ABI said that the market for insurance against security breaches, which has until now been restricted to a few specialist brokers, is set to expand. "In order to be covered, firms will have to improve their security so the risk to be insured against is a genuine risk, rather than a likelihood," she said. Because of the lack of experience in the industry, she said users should be clear of what is included or excluded in any insurance policy, and stressed the importance of defining their requirements carefully from the start.
Security firms are beginning to team up with insurance brokers to offer policies that protect against loss of revenue and information arising from security breaches. For example, MIS Corporate Defence has today announced it has teamed up with insurers J S Wurzler to provide companies with loss of revenue and virus attack insurance. The risk assessment is based on a security audit carried out by MIS which is then submitted to Wurzler for approval. The policy carries a premium based on the integrity of a company's IT security infrastructure.

But Andrew Tanner-Smith, an industry analyst at Frost & Sullivan, said that setting up insurance cover for these eventualities is fraught with difficulties for users. "It's very difficult for firms to put a value on the confidential information which is needed to establish the extent of insurance cover," he said. "There is also a natural reluctance to disclose confidential information about security to any third party because it might affect the share price of firms."