Like so many things, network security is subject to ripple effects such that one action (or lack of action) can cause a significant change elsewhere. One case in point is software development. When developers write less-than-secure code, the impact is far-reaching. For the enterprise, at a minimum, it typically means a lot more work for administrators. Of course, the impact can be much more severe and reach nearly every corner of the enterprise--information could leak, systems could be hijacked, the corporate image could suffer, and the list goes on.
The obvious solution is to get programmers to write better code. A news story on our Web site, "SANS Launches Security Certification for Programmers" (you can link to it in the Security News and Features section below), discusses a new testing and certification program that could have a positive ripple effect. If you're a programmer, even as a hobby, be sure to read the story and click the links. You'll find some practice tests that might help you, and you'll find out how you can become certified.
Another case in point is inadequate system security resulting in malware infestation and spam. When companies don't protect their systems adequately, those systems are bound to become infiltrated by malware. Most blackhats these days don't develop and spread malware just to idle or destroy a few companies' data or systems. Today's malware has a wider range of purposes, one of which is to make money by sending spam. So when your company slacks off on security and becomes infected with malware, that could very well result in an increase in spam for people all over the world.
I read an interesting story last week at The Register (URL below) about systems inside the networks of very well-known companies sending spam. Obviously those companies aren't taking care of security as best they could. Among the guilty companies identified were HP, Oracle, and Best Buy.
The Register's story is based on data collected by Support Intelligence, a security monitoring solution provider. Support Intelligence operates a number of spam traps and analyzes the headers of email messages received by those traps. That header data includes the IP addresses of the mail servers used to transmit the message, and those addresses can be used to identify the operator of the network that uses the addresses.
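The header analysis described above can be sketched as follows. This is an added example, not Support Intelligence's code: the message, host names, documentation-range addresses and the prefix-to-operator table are all constructed, and it assumes the trap trusts only the Received line written by its own server, since earlier lines are supplied by the sender.

```python
import ipaddress
import re
from email import message_from_string

# Constructed trap message; Received headers are listed newest hop first.
SAMPLE = """\
Received: from mx.trap.example (mx.trap.example [192.0.2.25])
\tby store.trap.example with ESMTP id A1; Mon, 2 Apr 2007 10:00:03 +0000
Received: from mail.corp.example (unknown [198.51.100.77])
\tby mx.trap.example with SMTP id B2; Mon, 2 Apr 2007 10:00:01 +0000
Received: from pc17 (pc17.corp.example [10.4.2.17])
\tby mail.corp.example with SMTP id C3; Mon, 2 Apr 2007 09:59:58 +0000
From: "Offers" <promo@sender.example>
Subject: constructed sample

body
"""
TRAP_NETS = [ipaddress.ip_network("192.0.2.0/24")]   # the trap's own servers (assumed)
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
# Constructed allocation table standing in for a whois/registry lookup.
OPERATORS = {"198.51.0.0/16": "Example ISP", "198.51.100.0/24": "Example Corp"}
BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def relay_ips(raw):
    """Peer IPs recorded in the Received headers, newest hop first."""
    ips = []
    for header in message_from_string(raw).get_all("Received", []):
        match = BRACKETED_IP.search(header)
        try:
            if match:
                ips.append(ipaddress.ip_address(match.group(1)))
        except ValueError:          # e.g. an octet above 255 in a forged line
            continue
    return ips

def handoff_ip(raw):
    """The peer that connected to the trap: first hop outside the trap's network."""
    for ip in relay_ips(raw):
        if any(ip in net for net in TRAP_NETS):
            continue                # internal hand-off between trap servers
        return None if any(ip in net for net in INTERNAL) else ip
    return None

def operator_for(ip):
    """Longest-prefix match of an address against OPERATORS, or None."""
    ip = ipaddress.ip_address(str(ip))
    nets = [ipaddress.ip_network(c) for c in OPERATORS if ip in ipaddress.ip_network(c)]
    return OPERATORS[str(max(nets, key=lambda n: n.prefixlen))] if nets else None
```

The private address in the oldest Received line is ignored because the trap never observed that hop; only the connecting peer is attributed to an operator.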
Support Intelligence's blog says that the company is using its spam trap data to identify Fortune 1000 companies that have bots operating inside their networks. Support Intelligence goes on to say that it will continue publishing its findings "until corporate America is clean."
If Fortune 1000 companies clean up their networks, everyone will most likely receive far less spam, and that's a good thing. However, the same holds true for any other company, and it's a real shame that companies have to be publicly embarrassed by news outlets such as The Register and companies such as Support Intelligence before they'll do what they should already be doing. That holds especially true for companies such as Oracle and HP, both of which would like us to think of them as pinnacles of best practice and leaders in various areas of security.
If you're interested in this particular spam monitoring trend, keep an eye on the Support Intelligence blog, at the URL below.