New Zealand Computer Crime & Security Survey 2006 NetSafe

Document Sample
New Zealand Computer Crime & Security Survey 2006 NetSafe Powered By Docstoc
					Issue 23                           New Zealand Computer Crime & Security Survey
Publication date: 15 August 2006   University of Otago

                                   The New Zealand Computer Crime and Security Survey is conducted by the Security
Contents                           Research Group (SRG) of the University of Otago, in partnership with the Computer
                                   Security Institute (CSI), New Zealand’s Centre for Critical Infrastructure Protection
• New Zealand Computer
  Crime & Security Survey          (CCIP), and the New Zealand Police. This 2005 survey is the inaugural annual survey
                                   and is based on the CSI/FBI Computer Crime and Security Survey. The CSI/FBI Survey
• 2006 NetSafe Symposium
                                   is the longest running continuous survey in the information security field and commonly
  - CyberSafety & Security
  Online                           known as a leading source of statistics related to computer crime and security. The 2005
                                   survey results are based on the responses of 218 computer security practitioners in
• Policy Review –                  New Zealand (NZ) manufacturing, governmental, financial and medical organisations,
  Registering, Managing &
  Cancelling Domain Names
                                   and tertiary education providers regarding the 2004 calendar year. All monetary figures
                                   are in NZ$, roughly equivalent to US$0.5. Four questions in the 2005 survey address
• On the Radar Newsletter          issues considered in a previous 2004 SRG survey, allowing some discussion of trends.
• Is Encryption too Hot to         Most, however, have not been addressed in New Zealand before so trend analysis awaits
  Handle?                          subsequent survey results. The trends considered in this survey are:
• Surviving the Monthly Patch        •    Prevalence of security incidents
                                     •    Percentage of the Information Technology (IT) department budget spent
• Understanding Hidden                    on security issues
  Threats: Corrupted                 •    Use of cyber-security incident insurance
  Software Files                     •    Use of Intruder Detection Systems (IDS) technology
• Assessment of Windows              •    Popularity of common workstation operating systems (OS)
  Vista Kernel-Mode Security

                                   2006 NetSafe Symposium - CyberSafety & Security Online
                                   Internet Safety Group

                                   The 2006 NetSafe Symposium - Cybersafety & Security Online was held on the 6th and
                                   7th July 2006 at the Westpac stadium in Wellington. The Symposium was modelled on
                                   previous NetSafe conferences with a cross-sector focus on the issues of cybersafety
                                   and security online. This two day invitation-only event brought together leaders from
                                   a range of different sectors from New Zealand and the world, to look at child safety,
                                   network security (businesses, schools and community agencies), online confidence
                                   (secure transactions), and the e-crime challenges for law enforcement and the New
                                   Zealand legal system.

                                   Policy Review – Registering, Managing & Cancelling Domain
                                   Office of the Domain Name Commissioner

                                   InternetNZ, through the Office of the Domain Name Commissioner, is reviewing the
                                   existing Registering, Managing and Cancelling Domain Names Policy.
CCIP Contact Details:
                                   The Registering, Managing and Cancelling Domain Names (RMC) Policy sets out the
T:    +64 (0)4 498-7654            general rules regarding the .nz domain name space including registration requirements,
F:    +64 (0)4 498-7655            the information required to be on the .nz register and the general business processes
E:            that .nz operates.            Source:
Information Security Links         On the Radar Newsletter
National Infrastructure            LURHQ
Security Co-ordination
Centre (NISCC)                     In this edition you’ll find: Targeted Threats = Big Business, Featured Gartner Research, Internet
                                   Threat Update and Client Success Story: Securing e-Commerce and Proving Compliance.
Public Safety and Emergency
Preparedness Canada                Source:
United States Computer             Is Encryption too Hot to Handle?
Emergency Readiness Team

CERT Coordination Center           Cryptography, the science of information protection once seen as the domain of geek
(CERT/CC)                          academics and intelligence services, is going mainstream.
Australian Computer                Although cryptography has long been used to protect data in motion, for example to
Emergency Response Team            secure important diplomatic signals or sensitive Web pages, it is now regularly being
                                   applied to protect “data at rest” in databases, filing systems and storage devices while
Internet Storm Center (ISC)        allowing anytime, anywhere access.
US-CERT Cyber Security             Source:

                                   Surviving the Monthly Patch Cycle
Safe Computing Links               Internet Storm Center

The Internet Safety Group          There are basically a few tactics to this in use. What strikes me in the responses we
(NZ)                               got: most of those writing in value not breaking applications significantly more than
CCIP Security Tips                 patching before you get hit with an exploit. Perhaps there is a lot work left to be done in
                                   order to convince (upper) management of the risks of patching late as patching even an
National Cyber Alert System
(USA)                              hour after the worm or the targeted exploit hit you might cost the company significantly
                                   more than losing a few hours left and right over a not so critical system not being 100%
AusCERT National                   healthy with a new patch.
Information Technology Alert
Service (AUS)                      Source:

IT Security Awareness For
Everyone (UK)                      Understanding Hidden Threats: Corrupted Software Files
National Alerting Service          US-CERT National Cyber Alert System
                                   Malicious code is not always hidden in web page scripts or unusual file formats. Attackers
                                   may corrupt types of files that you would recognize and typically consider safe, so you
                                   should take precautions when opening files from other people.

                                   Assessment of Windows Vista Kernel-Mode Security
                                   Symantec Corporation

                                   Abstract—Windows Vista introduces several additional barriers that aim to prevent
                                   malicious code from gaining access to the operating system kernel. This paper is
                                   intended to provide a technical review of their implementation. The kernel mode security
Subscribe                          enhancements in Windows Vista are quite substantial, resulting in a dramatic reduction
Subscribe to the CCIP e-bulletin   of its overall attack surface. However, we have identified certain weaknesses in the
and other CCIP publications,       kernel enhancements that may be leveraged by malicious code to undermine these
alerts and advisories by           improvements
emailing “subscribe” to          Source:

                                   While this e-bulletin is accurate to the best of our knowledge, CCIP does not accept any responsibility for errors or omissions. If
                                   any of the vulnerabilities affects you, you are advised to ensure that you have the most current information available. CCIP will
                                   not be liable for any loss or damage howsoever caused, arising from or in connection with the use of information contained in
                                   this e-bulletin.
                                   CCIP only issues those external alerts that we assess as serious and would affect a large number of New Zealand users. For notification
                                   of all discovered software vulnerabilities we recommend that you subscribe to a commercial Computer Emergency Response Team or
                                   to vendor alert lists.
                                   Reference in this e-bulletin in any manner to any commercial product, process or service does not constitute or imply its endorsement
                                   or recommendation by CCIP. Views and opinions expressed herein may not be used for advertising or product endorsement purposes.

Shared By: