Open Source and Data Leakage will be Major Security Issue in 2008

Fidelis Security Systems, Inc. recently announced a new version of its product that prevents data leakage. In other news, Astaro AG released several open source security projects, and independent research from SecureWorks, Inc. uncovered details of the increase in hacker security sophistication.

Focal Points

• Officials from Fidelis Security Systems released the latest version of its security software, version 4.2 of its Extrusion Prevention System (XPS) that has the ability to work with Internet Protocol Version 6 (IPv6). While this will have immediate appeal for many government institutions that will be required to use IPv6 by June 2008, it is likely to take longer to have appeal for the enterprise, which has found ways to bypass IPv4 limitations. While the adoption of IPv6 is likely to be slow, moving to IPv6 is one way that companies can increase the security of their environments. Experton Group expects early implementers of IPv6 will start to move to it to increase the security of their IT environments.
• Astaro officials recently said that they were going to continue support for seven different open source security projects for 2008. Officials plan on increasing the number of projects they support in the future. Astaro's own products for Unified Threat Management (UTM) use over 300 objects that have come from various open source projects. Various security projects that Astaro supports include Exim, Firebug, Netfilter/iptables, OpenVPN, Snort, and StrongSwan.
• A recent published report from SecureWorks detailed the increasing sophistication of hackers to cooperate in developing malware distribution agents to support online criminal activity. The latest Pushdo Trojan downloader includes complex tracking mechanisms, as well as ways to check on whether various anti-virus tools are trying to find them. This particular downloader has the ability to launch over 400 different malware executables. The vast majority of these are designed to exploit Microsoft Corp. Windows-based machines. A typical infection method is to embed these Trojans in email spam as electronic greeting cards. Trackers, once loaded, can identify information such as IP address, hardware serial numbers, and geographic region of the infected machine.

Experton Group believes the pace of security projects will grow in 2008, as IT executives see the clear business need in protecting critical corporate information. As companies executives increase their understanding of the business risks associated with compromised data, more funding and emphasis will be placed on security projects that can be shown to directly mitigate loss of corporate information. Main projects will focus around database security, since this is where the protected information largely resides. Another area that is likely to  grown in exposure are open source  security projects, both because of the lower cost of obtaining security applications and the increased exposure that usually accompanies open software development. IT executives should analyze the data exposure potential, especially with respect to the insider threat.