Cyber Intrusion

A small non-profit, one of my newer clients contacted me recently. They had just upgraded a computer operating system and they needed to install some virus protection software … and by the way could I look at that pesky DSL connectivity problem while I was at it? Their DSL connectivity was inexplicably cutting off at random intervals. Resetting the modem would fix the problem for a while, but they were finding it increasing difficult to get any work done. What?

This is a tale of a small non-profit that was struck by virus and denial of service woes that essentially put them out of business for days. Cyber intrusion can be very costly in terms of lost productivity to all companies, but small businesses and institutions are particularly vulnerable because they have fewer resources to devote to preventive measures. Let us look at the real costs to your business of neglecting to protect your computers and network from cyber intrusion.

The Real Problem
Viruses, Trojans and spam are an increasing problem for all computer users in companies both big and small. Firewalls, virus protection, spam blockers — it seems like every time you turn around you need to install yet more software on your network to protect yourself from potential cyber intrusion.

According to George Shaw who has been keeping track of such things for several years, the average computer is scanned by automated port scanning scripts looking for vulnerabilities many times a day. And let us not forget how many virus-laden e-mails are floating around. In January 2003 PSINet Europe purposely installed an unprotected system on the Internet. Within 24 hours the system was attacked 467 times.

While that might just seem like it is just creating more business for IT consultants, cyber intrusion is an even more insidious problem for small businesses because it can seriously reduce productivity or in the worse case scenario literally take down the business for days at a time.

Back to my client, I started installing the virus protection package. In the process it found about 10 different virus infections. Okay, that was cleaned up, so now onto the Internet connectivity problem.

After sitting on hold for about 20 minutes the service provider informed me the problem was that my systems were sending out denial of service attacks and the provider was thoughtfully shutting the connection to protect the network. Okay, so the problem was that the systems were infected with some nasty Trojan horse. Wasn’t it nice of them to proactively inform us? Which system? Then I was told that the server did not have any virus protection software because it did not need it; after all it was only serving files. Wrong!

To make a long story short, three of the five machines on the network including the server were riddled with disruptive viruses. It took about a week to clean everything up.

Now remember all this time my client was barely functional. That meant that the administrative staff was unproductive — no bills got paid, no invoices were sent out, services were not delivered and clients were unhappy. The loss to the institution’s reputation was incalculable.

This incident devastated a small non-profit with five machines, so it can happen to anybody who is not paying attention. According to the U.K. Dept. of Trade and Industry, “78 percent of companies surveyed had experienced at least one malicious security incident, with 44 percent experiencing them within the last year.”

Can you really afford to take the risk of not protecting yourself against cyber intrusion?

Preventive Measures

Fortunately most of the things that you can do to protect your computer systems are simple and relatively inexpensive, but they are only effective if you practice “safe computer hygiene.” You can never guarantee that you will not be cracked, but here are six easy tips to follow that will reduce your risk substantially:

  1. Invest in a good virus protection package subscription on every computer that touches your network, including — and most importantly &#151 your servers. That includes systems that you do not own. If your clients and your employees want to connect to your network, insist on protection.
  2. Install a firewall and check your logs periodically. You have a choice of a purchasing a firewall appliance or installing software on your server. The server software is cheaper, but it might drag down the system performance. For a tiny network, the firewall built into your router is probably sufficient — just remember to turn it on.
  3. Automate the software update features so that you will be protected from operator error. With new viruses coming out daily, I cannot emphasize enough how important this is. Remember, it took only 10 minutes for the Sapphire/Slammer SQL worm to span the entire Internet.
  4. Keep all your machines updated with all the latest security patches. The crackers know all the vulnerabilities much better than you ever will. Again, it’s even better if you can automate the patch process.
  5. Never use the default passwords and settings that come with your systems. They are common knowledge, so it is like handing out the keys to your network front door to random malicious strangers.
  6. Most importantly, educate your employees about cyber intrusion basics. If your network or systems suddenly become sluggish for no obvious reason do not wait, you should be looking for problems immediately.

Conclusion
Unfortunately, what my client experienced was not unusual. It could happen to any small business that is not paying attention, because the cyber criminals are out there … waiting for an opportunity to strike.

In retrospect investing in some smart systems protection seemed like a small price to pay to prevent the massive disruption of compromised systems and lost productivity. Remember the cleanup can easily be ten or twenty times more expensive for your business than the cost of the protection. Think of cyber intrusion protection as a form of insurance that you cannot afford to do without.

Beth Cohen is president of Luth Computer Specialists, a consulting practice specializing in IT infrastructure for smaller companies. She has been in the trenches supporting company IT infrastructure for over 20 years in a number of different fields including architecture, construction, engineering, software, telecommunications, and research. She is currently consulting, teaching college IT courses, and writing books about IT for the small enterprise and wireless network security.

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!

Must Read

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.