Half of UK networks vulnerable to APTs

Many UK corporate networks are vulnerable to advanced persistent threats (APTs), a survey has revealed.

Many UK corporate networks are vulnerable to advanced persistent threats (APTs), a survey by security management firm Wave Systems has revealed.

Some 43% of more than 200 UK enterprise network security professionals polled said they did not have an effective detection system or defence to deal with APTs.

For the purpose of the survey, APTs were defined as sophisticated malware that penetrates device and network security software barriers to disable or destroy equipment, or to steal data.

APTs can remain undetected over an extended time. The most notorious APT has been the Stuxnet virus, which targeted and damaged Iranian nuclear facility computers.

Although 94% acknowledged the benefits of hardware-based security built on open standards for device authentication and data encryption, 25% said their current network software could not manage and monitor the adoption of this form of security hardware.

APT generally function below the operating system in the form of root kits and boot kits, said Brian Berger, executive vice president marketing and sales, Wave Systems.

"Using hardware to provide a root of trust to check the state of the machine is a way of eliminating this risk by identifying APTs as early as possible," he told Computer Weekly.

Despite the large number of respondents indicating inadequate defences against APTs, most of them believe that their enterprise networks are effectively prepared to deal with cyber-attacks in the coming year, with 73% rating their organisation's IT defences between 7 and 10 on a scale of 1 to 10.

The survey report said this discrepancy highlights a general confidence and a false sense of security among network security managers about the ability of IT defences to prevent cyber-attacks.

The report notes that 66% of respondents said they had data that could be vulnerable without total port control protection tools, and 16% said they did not have security systems in place to prevent data loss through removable media.

Regulatory compliance was another challenge highlighted by the survey. Around a third of respondents said they did not have the means to provide proof of encryption within 24 hours of data loss or theft of a laptop. Furthermore, 40% said they were unaware that this requirement is mandatory under proposed European Union data regulations.

The study found that managing security in the Cloud is another significant challenge for network professionals, with 35% of respondents saying they had no proven and effective system for managing multiple types of encryption in cloud-based services, for example Full-Disk Encryption, Self-Encrypting Drives and BitLocker for Windows.

At the same time, 30% also said they did not have a single system to manage the authentication of all devices on a network, such as PCs, laptops, notebooks, smartphones and tablets.

The survey focused on new network security threats, regulatory compliance and the challenges presented by multiple devices and the Cloud, said Joseph Souren, general manager for Wave Systems in Europe.

"It indicates that there are definite gaps for many firms in both understanding of the growing cyber-threats and new strategies that enterprises must implement to be fully compliant with EU regulations," he said.

Read more on Hackers and cybercrime prevention