Kwazulu-Natal Business News

Send  Share  RSS  Twitter  30 Sep 2011

INFOTECH: Growing Number Of Attacks By Embedded System Software


Recent Kwazulu-Natal Business News

There is a growing security threat to standalone and networked computers by embedded system software, says infoprotect’s Scott Martin. “Home PC’s and networked computers alike are being attacked by embedded system software that gains access through social media tools. While typically the prime service delivery software is well written and contains little vulnerability, access is sometimes gained by embedded system software via third-party add-ons which are often poorly designed, increasing the risk of exploitation,” explains Martin.

Embedded software is software that the user can neither see, nor access or control. It operates behind the scenes, however it may be used by criminals to exploit vulnerabilities in the code to gain access to a system, endpoint, server or network. The bigger the system, the bigger the risk as more vulnerabilities will exist which a cyber-criminal can exploit. Many of these executables are designed specifically with malicious intent to acquire end-user personal information, which can be used for financial gain or to launch a larger attack on a third party.

Data Security In Your System Software

In today’s world of increasing mobility, other new information security threats are emerging that relate to mobile and storage devices. One such example is the threat to data security when a company laptop leaves the business premises. “When a company laptop leaves the office, it leaves the demilitarised zone of the company’s security system, including firewalls and email filters which deliver a distributed security function to the enterprise,” says Martin. “Therefore, while the security posture of a laptop is very strong when at the office, it becomes comparatively less secure as soon as it is taken out of the office environment,” he explains.

To overcome this, an end-point must have intelligent and variable security policies, which are automatically activated depending upon the whereabouts and method of connection and communication of the end-point. Only very advanced end-protection suite technology, such as SEP12.1 from Symantec, has the ability to automatically enforce an appropriate security policy depending on its whereabouts and the method of connection and communication.

Cyber-criminals are finding ever-increasingly ingenious ways of gaining access to a computer or network by side-stepping first-line defence perimeter security devices and technology. USB devices and other attachable devices are increasingly being used by cyber-criminals to attack information networks. Viruses and malware can be unintentionally and invisibly downloaded from the internet at the touch of a button. These unwanted viruses can then automatically copy themselves onto any attachable device connected to the computer, such as a USB memory stick or external hard-drive. These devices are then passed on to other users within the organisation and so the virus or malware is able to spread untraced throughout the organisation.

One Must Be Vigilant In Protecting Your System Software

External storage devices, such as USB memory sticks or external hard-drives, can also be abused or misused by internal employees to get around company security and technology policies. In instances like this, employees might use an external storage device to store and from which launch an otherwise prohibited programme to avoid detection by the company’s security and technology protection software. “Only the most advanced end-point protection security suite has integrated device control which can prevent certain executables from launching from an attachable device,” says Martin.

“Embedded system software, and the increased usage of mobile devices and storage devices will continue to increase the number of security risks faced by stand-alone and networked PCs. Only the most advanced end-point protection security technology for your system software is able to cover all these bases and prevent breaches in IT security that could be costly and harmful to organisations,” Martin concludes.

spaceacreBusiness Profilesstudy-it-onlinespine-alignjane-shonfeld

Online Foreign Exchange
Foreign Exchange


Fax 2 Email



Online Casino


Shop Online

Study IT
Study IT Online

Web design
Web Design


Work from Home
Company News


© 2020 All rights reserved.

Daily Newsletter Subscription


Subscribe to the Kwazulu-Natal Business News Daily News and information email (it's free).

Thank You
Your email address has been added.

Email Address: