->PConnect(script.ftech.net,mi2gl,m4d2e,mi2gl)
 

Internet Trojans likely to cause havoc for Company Directors

press release

London, UK, 09:30 GMT 20th August 1999 - Several thousand company directors in the UK may be in violation of the Data Protection Act if they have a business connected to the internet. Proper protection needs to be put in place against unauthorised access of customer and employee data, held by their company. The emergence of Remote Control Trojan Horse (RCTH) software variants has greatly multiplied the risk of violation. Trojan variants can be sent into company networks via e-mail, lie undetected and continue to export vital information to internet locations anywhere in the world via the backdoor.

"Newer, more sophisticated and deviant variants of Trojans are being released constantly. It is a nightmare to realise that cameras and microphones connected to computers may be unknowingly transmitting internal conversation and images to third parties in the world. All customer credit card records, passwords, intellectual property, spread sheets and personnel details may also be exported out of the company in bursts lasting a few seconds each. When it is discovered that this has happened, how are the directors going to respond to their customers, share holders and regulatory bodies?", said DK Matai, Managing Director of mi2g software.

The two most popular Trojan Horses are Netbus and Back Orifice 2000. There are at least thirty more including Girlfriend, Master's Paradise and GateCrasher. These variants have been disguised as several hundred games, screen savers, pictures, holiday greetings, upgrades and other harmless looking files to be sent to unsuspecting business users by e-mail. Anti-virus toolkits cannot detect most of the variants with name changes, default setting changes or when they are installed via the startup menu.

"The guidelines issued by the Data Protection Registrar provide some guidance to companies wishing to review their security measures to protect against unauthorised access. Apart from the obvious dangers of piracy, passing off, denial of service or other hazards, including possibly extortion, directors need to be aware of the Data Protection Act requirements and the effects of exposing their wired business to the internet.", said Larry Cohen, Head of Intellectual Property at Hammond Suddards, a leading UK law firms.

On Wednesday 8th September, mi2g software is holding the 2nd seminar in a series on, "Countering the growing Corporate threat from Cyber Warfare" in the City of London at 5:30pm in conjunction with Hammond Suddards. The purpose of this exclusive seminar, aimed at the CEOs and FDs of financial institutions and multi-national corporations, is to present the need for well funded Bespoke Security Architecture solutions, that are individually designed for each company, to counter the growing corporate threat from Cyber Warfare through Trojan Horses, Viruses and Hacking.

________________________________________________________________________________

Editor's Notes:

1. This is an issue with international ramifications. Data protection across the EU is being harmonised, and the directives are in place. Businesses need to ensure that their approach is consistent across Europe. Meanwhile, the US is relying on self regulation, and with a prohibition on the transfer of computer data outside the EU becoming imminent, internal data transfer checks will have to be constructed by multi-nationals. Directors will have to be careful to ensure that EU data protection laws are not circumvented by inadvertent transfer due to lax procedures in the USA.

2. Cyber Warfare is when individuals acting via the internet or through viruses malevolently attack industry, business, social utilities and national security with an intent to cause disruption or damage. Such individuals need only a relatively simple computer capability to make such Cyber Attacks highly effective. mi2g successfully predicted the Cyber Attack to businesses, governments and financial markets in early January, which was brought home during the recent NATO-Serbia Cyber War between March and early June.

3. The total cost of servicing Cyber Warfare incidents worldwide is likely to exceed $20 Billion in 1999 according to mi2g. In the last seven months, there have been three major virus attacks and several full scale Cyber Attacks. Melissa in March, Chernobyl in April and the fatal ExploreZip in June cost corporations huge unplanned and unbudgeted resources. The cost of disabled computers and their down time through each major worldwide Cyber Warfare incident is already exceeding $2.5 Billion.

4. Hammond Suddards is one of the UK's largest commercial law firms. Larry Cohen, as Head of Intellectual Property at Hammond Suddards leads a team of legal experts in Internet practice and e-commerce issues. Recently, he has been actively engaged in the campaign against Genetically Modified (GM) crop protesters, many of whom take an anarchist viewpoint and some of whom the Police believe were involved in the organisation of the Stop the City protest on June 18. These organisations have been using the Internet as their means of communication in order to co-ordinate protesters against the planting of GM foods and other genetically modified crops, while relying on Civil Liberties to try to prevent their own Cyber secrets being disclosed under court order.

5. mi2g software (www.mi2g.com) is a Central London based R&D focussed e-commerce technology enterprise that has already developed the main components to become a world-class player in secure e-commerce trading, broking and banking. mi2g pioneered the concept of secure internet lounges - industry specific portals - in early 1996.

Renowned worldwide for the ATCA Briefings. Subscribe now.
 
Home - Profile - Values - People - Careers - Partners - Contact Us
D2 Banking - Bespoke Security Architecture - Digital Risk Management - Tools

Intelligence Briefings - Brochures - Case Studies -
SIPS Methodology FAQ (pdf)
Keynote Speeches - Articles - News Feeds - Glossary (pdf)
Terms and Conditions - Privacy Policy