Symantec's Recent Security Lessons
As the top stand-alone security and antivirus firm, Symantec remains in the headlines about its precious software codes being exposed--and small and midsize businesses are left to wonder where they stand. Just recently, TechWorld reported that exploit code targeting vulnerability in the company's pcAnywhere computer remote control product has been published on the Internet, exposing users to possible attacks that disrupt the software's functionality.
This follows a security hack just over a month ago, when a crafty hacker released the source code for the pcAnywhere utility. According to an InfoWorld article from January, the release followed failed email negotiations to destroy the code. The hacker, YamaTough had tried to extort $50,000. The drama unfolded in the IT headlines for several weeks into early February when YamaTough told Reuters one of his purposes was met--to mock Symantec for its apparent attempt to buy protection, claiming he tricked the company into the bribe "so we could humiliate them."
The security breaches that continue to make headlines are an important reminder for small and midsize businesses that they must be serious about their own security and part of that means securing and protecting source code. Hackers are looking to do two things with source code. They either want to eliminate it or build a clone.
The end result is information theft. Hackers break into business networks to steal credit card or social security numbers for profit. While big corporations may make the headlines, small and midsize businesses are the easier target. In the end, a successful hack is extremely costly to businesses because they lose their reputation, which is key to retaining their customer base. Fines, lawsuits, and bad publicity are also very possible situations that businesses must avoid. Security strategies that are implemented must prevent theft of sensitive information from both inside and outside the company.
Each company is structured differently and hackers are not immune to targeting any of them. Hackers are consistently scanning and searching different networks, targeting a way to hack source code each day both against specifically chosen as well as random IT systems. If the right steps aren't taken, a business will at some point encounter a successful hack to its infrastructure that stalls its day-to-day operations. Today it can be argued that hackers are considered the most common threat in the IT world and countering them means taking the most protective measures and ensuring the best security practices remain in place.
While taking the basic steps to secure source code and implementing the basic security strategies may not be a solid guarantee against the daily hacker threat, it is a sure first step to avoiding any threats that may be lurking around the corner. With Symantec as the unfortunate example, absolutely no one is immune from security risk these days.
This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet.