All the latest UK technology news, reviews and analysis

Poor evidence taking lets off hackers

by Robert Jaques

04 May 2004

Be the first to comment

  • Tweet this

Few companies have the proper audit trails in place to get convictions against hackers, according to security firm NTA Monitor.

The company claims that its research shows firms failing to maintain log files adequately - and in some cases not bothering to switch the logs on at all.

Roy Hills, technical director at NTA Monitors, said companies do not turn on their logs because traffic gets monitored elsewhere, and because it uses up too much disk space.

"Other companies do log, but don't keep the records long enough," he added.

"I've seen several huge corporations where the log files are overwritten every 30 minutes. If they were attacked, there would be no record of what had happened.

"Then there are the people who are logging but not getting it right - like storing the information on public folders that hackers can access and easily cover their tracks."

Companies also forget time synchronisation, said Hills. A serious incident is likely to involve several different systems, but companies cannot piece together what has happened if they are unable to track from one log to another.

The Home Office is to review the existing Computer Misuse Act to see if it still provides enough protection against hackers and other problems.

But Hills said: "Most companies won't be able to supply the evidence needed to secure convictions, meaning criminals will get off scot-free despite any change in law."

Do you agree?

 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Assistant Director - IT Infrastructure - London

Assistant Director - Infrastructure - London - required...

Online Designer

A well established homeware brand is looking for an experienced...

Java Engineer, Real-Time Media, Agile, TDD

Join a team that is revolutionising the way media is...

Linux Server Support Analyst - Bristol/Bath

Linux Server Support Analyst - Bristol/Bath £20,000 plus...

To send to more than one email address, simply separate each address with a comma.