Active Internet content, invisible software microbes which silently enter computer networks and serve as ruthless digital moles for outside agents, now pose a greater threat to enterprises than viruses, according to a new report by Aberdeen Group, a leading market analysis and positioning services firm.

According to Aberdeen, many enterprise networks, most consumer PCs and almost all ISPs are now infected with active Internet content containing malicious software exploits that include: surreptitiously capturing e-mail handles, passwords and keystrokes; silently enabling hidden network services and ports, from PCs through firewalls; and redirecting outbound data to offshore sites by spoofing DNS addresses. Unlike traditional viruses, active Internet content is generally not detectable using traditional pattern matching security technologies, which are not looking for active content or cannot keep up with its rapid rate of change. In addition, they are not restricted to specific payloads; harmful content has been found in e-mail spam bombs, on Web sites and in simple text-based e-mail.

"During the past few years, almost every home user and organization with PCs connected to the Internet has been exposed to new forms of harmful software running amok across the Internet," said Jim Hurley, vice president and managing director for Aberdeen Group and author of the new report, "Active eIRM: New Realities for Managing Electronic Infrastructure Security." "This content is now being used for electronic reconnaissance, electronic probing, mail marketing, spamming, electronic theft, cybercrime, cyberterrorism, electronic identity theft and financial loss. Code Red, and other well-publicized recent exploits are just the tip of a much larger problem."

Signs of active harmful Internet content infections include: incoming e-mail with the user's e-mail address; degraded throughput and excessive disk drive chatter; unauthorized outbound connections to routers; Web site defacements; unauthorized and uninvited Instant Messaging and Peer-to-Peer protocols; Trojan horses embedded in IT maintenance software; and automated redirection of network IP destinations, among others.

Prepared to coincide with the release of the Federal Government's National Strategy to Secure Cyberspace, the Aberdeen report indicates that during the past year, many IT managers have begun to alter their plans and shift their focus to defend against harmful Internet content as well as leaks and assaults in and on the enterprise network, and business risk occurring form the misuse and abuse of e-mail and Web servers.

According to the report, a new capability, the automation of security processes, is providing IT with the ability to automate customized security processes throughout the enterprise. The result, active electronic infrastructure management (Active eIRM) security, is a step in the right direction of IT especially for IT buyer who are perpetually overloaded and underfunded. When applied to the IT infrastructure, the automation of security policy, combined with a new reordering of security's black box, promises more accurate measurement and management of risk.

For more information about "Active eIRM: New Realities for Managing Electronic Infrastructure Security," visit www.aberdeen.com.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access