Home » Magazine Archives » November 2007
Security Technology and Design
Beyond Natural Disasters
Business continuity issues you haven't thought of before
There's trouble brewing on the horizon. Your business could be headed for disaster and you don't even know it. The weather looks good, the terror alert level hasn't changed, but some things in IT are creating what could be one of your worst business outages ever.
When the business continuity and disaster recovery conversation comes up, we often think about things such as site disasters, environmental catastrophes, and hardware failures. These are certainly real threats and need to be considered, but there are other, less obvious, technologies and IT processes that can create just as much of a business nightmare.
Operating System Configurations and Maintenance
Many of the server operating systems I test for security weaknesses, such as Windows, Linux, and NetWare, are only one disgruntled employee away from being taken down. The problem is that many servers are neither properly hardened against attack nor patched as they should be. In fact, within a matter of minutes, someone with malicious intent on your network can discover a vulnerability and then run an exploit tool against it to gain full administrative-level access to the system - often without anyone ever knowing about it. Figure 1 shows how the free Metasploit tool can exploit a missing patch on a Windows server to provide anyone on the network with remote access to the system.
Not only do misconfigurations and missing patches create serious business headaches, they also put sensitive information at risk. This is often information that may not be properly backed up or replicated elsewhere, which extends business downtime.
Web Applications
Another IT-related element that many people don't think of as a business continuity risk is Web applications. Be it e-commerce, intranet sites, data center monitoring systems - you name it - Web applications are everywhere and are usually susceptible to attack. The four main areas posing risks within Web applications are:
Cross-Site Scripting, where an attacker can modify a Web page or trick unsuspecting users into clicking on a malicious link, thus redirecting traffic from your legitimate site to a rogue third-party site. Not only has sensitive information been compromised using this attack, but many well-known Internet sites have been taken offline for extended periods of time, creating big problems for the businesses affected.
SQL injection, where an attacker can send database query commands to the Web application that are then passed along to the backend database. The result can be relatively benign in the business continuity sense, where the attacker "only" reads what's in the database. However, with SQL injection, an attacker can also delete the contents of the database - certainly not good for keeping the business going.
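To make the deletion risk described above concrete, here is an added example (not from the original article) showing a weak order-cancellation routine beside a hardened one. The orders table, the function names, and the sample input are all constructed for illustration, and SQLite stands in for whatever backend database the application uses.

```python
import sqlite3

def make_db():
    # Constructed sample data: an in-memory orders table with three rows.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, customer TEXT)")
    db.executemany("INSERT INTO orders (customer) VALUES (?)",
                   [("alice",), ("bob",), ("carol",)])
    db.commit()
    return db

def cancel_order_vulnerable(db, order_id):
    # Weak pattern: the request value is pasted into the SQL text, so
    # anything in it is parsed as part of the statement.
    cur = db.execute("DELETE FROM orders WHERE id = " + order_id)
    db.commit()
    return cur.rowcount

def cancel_order_hardened(db, order_id):
    # Validate the type first, then bind the value as a parameter so the
    # driver never interprets it as SQL.
    if not (order_id.isascii() and order_id.isdigit()):
        raise ValueError("order id must be numeric")
    cur = db.execute("DELETE FROM orders WHERE id = ?", (int(order_id),))
    db.commit()
    return cur.rowcount

def remaining(db):
    return db.execute("SELECT COUNT(*) FROM orders").fetchone()[0]

def demo():
    crafted = "1 OR 1=1"  # constructed input that widens the WHERE clause
    db = make_db()
    wiped = cancel_order_vulnerable(db, crafted)   # every row matches
    left_after_vulnerable = remaining(db)
    db = make_db()
    try:
        cancel_order_hardened(db, crafted)
        rejected = False
    except ValueError:
        rejected = True
    legit = cancel_order_hardened(db, "2")         # normal request still works
    return wiped, left_after_vulnerable, rejected, legit, remaining(db)

if __name__ == "__main__":
    print(demo())
```

Running the demo shows the concatenated statement emptying the table from a single request, while the parameterized version rejects the same input and removes only the one order a legitimate request names.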