informa
/
News

Reconnex Targets Threats

Reconnex released its latest Insider Threat Index(TM) for the first quarter of 2006

MOUNTAIN VIEW, Calif. -- Reconnex, the expert in discovering both known and unknown electronic risks, today released its latest Insider Threat Index(TM) for the first quarter of 2006, which reveals the extensive use of remote access protocols as well as the growing use of rogue VoIP protocols such as Skype, and discusses the risk they pose to the corporation. Leakage of Social Security numbers (SSN) and credit card numbers (CCN) continues to be a problem; 89 percent of corporations assessed exposed SSNs and 67 percent exposed CCNs. This exposure occurs despite Federal and state privacy laws and on-going publicity about the risks of identity theft. Reconnex compiled the current index from more than 1.1 Terabytes of raw data gathered from 48-Hour eRisk Rapid Assessments(TM) that Reconnex conducted from January to March 2006 in a variety of industries, including healthcare, finance, technology, and manufacturing. The e-Risk Rapid Assessment allows corporations to quickly assess the insider threat and conduct immediate forensic investigations to determine the sources of threats and the motivations behind them.

Leading Risk Indicators Widespread in Latest Analysis

The results of Reconnex's latest e-Risk Rapid Assessments show that organizations are still at high risk of having personal and confidential information leaving their networks undetected.

  • Webmail -- In line with previous Insider Threat Index findings, 89 percent of companies assessed had Webmail running over their networks.
  • SSN -- 89 percent of companies leaked Social Security numbers.
  • CCN -- 67 percent of companies exposed credit card numbers.
  • Instant Messenger (IM) -- Because IM can easily leave the network without detection, most organizations forbid its use, yet 78 percent of companies had IM on their networks.
  • Peer-to-Peer (P2P) -- P2P file sharing protocols, banned by most companies because they pose grave risks to corporate security, were found in 78 percent of companies, compared to 35 percent in all of 2005.
  • Remote access protocols -- These were present in 66 percent of companies.
  • Rogue VoIP protocols -- 22 percent of organizations had Skype on their networks.

Remote Access Protocols

The use of remote access protocols, which were found in 66 percent of companies assessed, can pose a very real risk to organizations. Tools such as Citrix/GoToMyPC create an SSL tunnel into the corporate network, which leads to multiple risks to its integrity. Since these tools encrypt the data stream, it is difficult to determine what data is flowing in and out of the network. If a remote access protocol is connected to a home PC, the user can easily transfer confidential documents from the corporate network to the home PC with very little risk of detection. In the other direction, files transferred from the home PC to the corporate network could easily be infected with viruses or malware. Since remote access protocols run through SSL or IPSec connections, they essentially subvert firewall policies and settings.

"No one is discussing the risks of remote access because every business routinely gives it to trusted employees, partners, consultants, and other third parties, but businesses really don't know what users are accessing or viewing," said Kevin Cheek, vice president of marketing at Reconnex. "However, anyone who terminates SSL or IPSec VPN connections to the corporate network needs to monitor where they're going and what files they're touching."

Reconnex Corp.

Recommended Reading: