DSL raises security risk

3 Oct 2002

With digital subscriber line (DSL) services gradually being rolled out in Ireland by Eircom and Esat BT, few proponents of broadband are aware that it opens the door for hackers who relish lax attitudes to cyber security that will be made even more extreme in an always-on environment.

The majority of Irish firms can’t afford to have a full-time IT manager in-house and mostly tend to address security issues after a virus or hacker attack has occurred. Few update their anti-virus software and recent surveys indicate that one in four companies does not scan for viruses on email servers. It is also a well-established fact that hacking attempts on Irish corporate firewalls have doubled since last year.

Outside of Dublin, Cork, Galway or Limerick, very few SMEs (small to medium-sized enterprises) rely on ISDN or leased line services and therefore lack experience of always-on connectivity. Instead, many still rely on a dial-up connection as a means of accessing the internet or interacting with a supply chain.

This means that cost-conscious SMEs will only dial up for as long as necessary, keeping an eye on the clock. In many ways, this partially prevents them from being exploited by hackers as they are only online for a relatively short period. This is about to change, however.

The arrival of always-on DSL at a fixed price is expected to bring Irish SMEs out of the digital dark ages and on par with a broadband phenomenon spreading throughout the world. However, as the millions of PCs throughout the world move from dial-up to permanent connections over DSL and cable, a vast new array of potentially soft targets turns up on the internet for hackers to exploit. Stable IP (internet protocol) addresses will make it easier for hackers to stage break-ins.

Even if a particular security mistake only occurs with 0.1pc of users on a network, a hacker has technology that can scan 1,000 PCs in less than an hour. By the time the hacker has listened to a CD, two or three open PCs can be infiltrated.

Another concern is sniffing. Someone can get inside your network and embed a piece of software called a sniffer, which will intercept every packet that crosses the network, such as an email or attachment. If this is your business, they have closed you down.

At present Esat BT is on target to unbundle some 40 local telecom exchanges throughout the country, granting the availability of DSL services to regionally-based SMEs and SOHO (small office/home office) users, while arch-rival Eircom is focusing on rolling out DSL services to the Dublin business and residential community.

While both companies have been busy promoting their respective DSL offerings, neither has communicated the substantial risk that businesses face in an always-on environment.

Esat BT’s DSL product manager, Deirdre Donegan, acknowledges this fact, but affirms that the company is about to embark on a major security awareness campaign to accompany its DSL marketing campaign. “At present we are concentrating on providing DSL services to businesses and teleworkers and are focusing on the pricing issue, but are working on a pure security marketing programme,” she said. “I must emphasise that any time we sell a DSL connection we always tell the company or individual of the higher need for security. A lot of them don’t think about security initially. They think instead about the impact of higher speed for their organisation.

“One of the things to remember, however, is that with higher speeds, firms are better able to manage the updating of anti-virus software and are more inclined to do so than with a dial-up connection,” she added.

Donegan said that in conjunction with the rollout of DSL, the company has two firewall solutions aimed at SMEs, from the ZyXel Router family. ZyWall 1, aimed at SOHO and small firms, supports up to five PCs, has a virtual private network and costs €420. ZyWall 10 retails for €640 and is aimed at companies that have between 20 to 50 employees.

“For either of these, an engineer can go out and set it up or we can post out a pre-configured firewall solution to them,” Donegan said. “For corporates with large connected workforces there are other solutions available. For a fixed fee Esat BT will maintain a company’s firewall on an annual basis.”

A spokesperson for Eircom.net said the company strongly recommends to firms opting for any internet connection that a firewall exists between the modem, router and PC hardware. “We offer options with a firewall and without firewalls,” the spokesperson said. “It’s an easier option for the customer to go for the firewall option we offer, but it’s up to them. With any internet package Eircom.net would recommend that residential and business users take adequate steps for protection.”