All the latest UK technology news, reviews and analysis

Poor evidence taking lets off hackers

by Robert Jaques

04 May 2004

Be the first to comment

  • Tweet this

Few companies have the proper audit trails in place to get convictions against hackers, according to security firm NTA Monitor.

The company claims that its research shows firms failing to maintain log files adequately - and in some cases not bothering to switch the logs on at all.

Further reading

Roy Hills, technical director at NTA Monitors, said companies do not turn on their logs because traffic gets monitored elsewhere, and because it uses up too much disk space.

"Other companies do log, but don't keep the records long enough," he added.

"I've seen several huge corporations where the log files are overwritten every 30 minutes. If they were attacked, there would be no record of what had happened.

"Then there are the people who are logging but not getting it right - like storing the information on public folders that hackers can access and easily cover their tracks."

Companies also forget time synchronisation, said Hills. A serious incident is likely to involve several different systems, but companies cannot piece together what has happened if they are unable to track from one log to another.

The Home Office is to review the existing Computer Misuse Act to see if it still provides enough protection against hackers and other problems.

But Hills said: "Most companies won't be able to supply the evidence needed to secure convictions, meaning criminals will get off scot-free despite any change in law."

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

A Microsoft logo

Microsoft posts critical Internet Explorer patch with February fixes

Related white papers

Related articles

Related jobs

Today's top stories

Cern Control Centre building

CERN powers up Large Hadron Collider in final search for Higgs Boson

hp-z1-workstation-pc

HP takes wraps off all in one Z1 workstation

Asus Transformer Prime vs Apple iPad 2

Apple iPad 2 vs Asus Transformer Prime head-to-head review

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Network Support Engineer Up To £40k

(Roc Search - Network Support Engineer, 2nd line, 3rd...

3rd Line Engineer / Infrastructure Engineer - VMware, Server,

3rd Line Engineer / Infrastructure Engineer - Berkshire...

SQL Server DBA - Database Administrator - MySQL Suffolk - £50k

MySQL SQL SERVER DBA / Database Administrator - Online...

PMO Analyst - Banking

PMO Analyst - Banking Client A financial organisation...

To send to more than one email address, simply separate each address with a comma.