Cybercrime dominated the IT and national press in 2010 with many high profile incidents from global cyber attacks to international botnet busts. Stuxnet, which is a form of malware that targets industrial equipment appeared in June 2010, and changed the cyber security landscape as we know it. The Stuxnet incident provided a wakeup call to businesses and governments. Stuxnet reinforced the idea that cyber warfare has become very real and a serious threat to internet security. The FBI recently announced it logged its two millionth internet crime complaint in November, reflecting the continued growth of cybercrime.
However, last year also saw some very high profile successful investigations which have resulted in major busts of criminal networks. The gang behind the Zeus Trojan was arrested in September after stealing millions from U.S and UK bank accounts. Leaseweb was involved in an incident that received worldwide attention in the media involving an operation led by the Dutch police, which secured the takedown of servers associated with the information-stealing Bredolab botnet, estimated to have infected 30 million computers worldwide. But these steps have nevertheless failed to stop all malicious activity associated with the botnet network. Leaseweb has been an internationally recognized leader in internet security, through its Community Outreach program and other initiatives. We are often asked what server customers can do to stay protected on the net in 2011, and what potential security issues should be monitored? We see the following trends in 2011:
1. Increased security initiatives for smartphones and cloud computing:
Having people access information from various devices and locations is a security nightmare, and 2011 may be the year that many of these flaws are exposed and concerted efforts made to obtain a more secure environment. Leaseweb continually audits its procedures and operations to ensure customers receive a most secure hosting environment.
2. Global legislation:
This year will see a major response to cyber threats by national and international legislative bodies. The UK Government highlighted online security as a major risk and pledged £500m to fighting cybercrime during the spending review last year, whilst the European Commission has just unveiled its security plan which includes proposals for greater cyberspace protection. Leaseweb believes any legislation that targets malware, must allow hosts to safeguard the privacy of users and customers in the most effective way possible. The right to privacy for legitimate internet activities must always be paramount.
3. Government sponsored cyber attacks on the back of Stuxnet: Many security experts have suggested that cyber warfare will rise in 2011, as some countries seek to use malware to obtain privileged information. Whilst these incidents may not be in the magnitude of Stuxnet, it is a very real threat which Leaseweb continues to monitor. Clearly one of the factors in choosing a reliable host must be the quality and security of services provided. Locating your data infrastructure in a secure hosting “neighborhood” will be of a high priority for many enterprises, governments and individuals in 2011. Recognizing the value of a host that emphasized safe internet practices and protocols will assume an increasing prominence in the future.
The Anonymous Group, campaigning for Wikileaks, has paved the way for a whole breed of new hackers looking to get across a political agenda. This year will see even more attacks against organisations deemed to be doing wrong and many global enterprises will be looking to improve security across their network.
The bottom line is internet security must always be a serious concern for any serious organization. Leaseweb invests considerable resources in maintaining a top notch security department able to respond to security issues promptly and efficiently. To ensure the quality of service and the peace of mind Leaseweb customers expect, Leaseweb is committed to remaining a leader in internet hosting security in the coming year and will redouble its efforts to maintain a secure hosting environment for our clients..
Tweets that mention Top 4 things to monitor in order to protect your servers -- Topsy.comFebruary 4, 2011 at 23:56
[…] This post was mentioned on Twitter by Boanerges, Daniel Rodriguez and zeroskillor, Niels Groeneveld. Niels Groeneveld said: Top 4 things to monitor in order to protect your servers http://bit.ly/eECQRJ #infosec […]
Tweets that mention Top 4 things to monitor in order to protect your servers -- Topsy.comFebruary 7, 2011 at 14:29
[…] This post was mentioned on Twitter by Serge Beckers, 1H.com. 1H.com said: RT @LeaseWeb New blog post worth a read: Top 4 things to monitor in order to protect your servers – http://bit.ly/eIusAn […]
BillDecember 19, 2011 at 8:29
But how can people with relative low knowledge about hacking be on the safe side? I can monitor these tips, but it stays very hard if my server gets hacked for me to protect myself in any way.
Alex de Joode (Security Officer) • Post Author •December 21, 2011 at 10:03
A very good question!
Key in securing your server is update, update and update. Updates and patches fix known security holes, so your server is better protected against unscrupulous persons.
Firewalls allow data to reach certain ports and prevent data from reaching others, so that can be your second line of defense. In general, you should set up your firewall to only allow access to the ports being used on your server. This way connections to unopened ports are rejected, not unlike closing all the windows in your house and all the doors. The only entrance is front door, which you can easily monitor to see who is ringing the doorbell.
A third layer is running antivirus software. Make sure you run the ‘server’ version instead of the free ‘home’ version and set it to auto-update. Software that not only scan for viruses but also for other malware is considered a bonus.
Finally: check daily for updates and scan logs for ‘strange’ entries. Oh, and did I mention to do updates? ;)
Alex de Joode
Security Officer, LeaseWeb B.V.