Druid628 :: Writings :: Network Security Coordinator
25 August, 2003
In the IT field, network security is becoming increasingly important. Recent events throughout the world have caused a slight decrease in the number of ‘script-kiddies’ yet a rise in what is now being deemed cyber-terrorism. Viruses and worms are also rising in popularity among the computer-underground community, causing increasing concern for security. The USA PATRIOT Act of 2001 included hackers, virus writers and cyber-graffiti artists as committing terrorist acts. The recent stand taken by groups such as the Recording Industry Association of America (RIAA), suing individual peer-to-peer (P2P) file sharers, should also raise concern among network administrators and systems administrators. These should be reason enough for IT departments to invest time and personnel in network security.
In the past two years, terrorist acts and political conflicts throughout the world have caused patriotic hackers and so-called hackers, also known as ‘script-kiddies,’ to come to the front line. Only this line is not on the battlefield; it is on the internet. In these past two years, black-hat hackers and script-kiddies have been attacking sites and writing malicious code in order to cripple companies and governments. The United States has taken a step to counter these attacks, which has caused a drop in the script-kiddie population. The drop in script-kiddies is due to the passage of the USA PATRIOT Act of 2001, which strengthens the U.S. Computer Fraud and Abuse Act of 1986. This law imposes stricter provisions on hacking, virus writing, and other such acts, for example cyber-graffiti. It has scared some away from the ‘business’ yet has only piqued the interest of others. Cyber-terrorism has also caused an impressionable generation of computer-literate teenagers and young adults to take up arms and fight back with knowledge rather than guns. This fight is paradoxical, or perhaps these individuals are simply working with the ideology that the ends justify the means, because they are not only crippling their targets in their attempt to create mayhem but are also hurting the common person whose work depends on a computer being in proper working condition. For these reasons, someone should be devoted to controlling and monitoring not only network traffic but the general health of the network. General health of the network entails ensuring that the proper patches are applied to new machines as they are deployed, disinfecting worms and viruses, and properly maintaining a suitable security measure such as a firewall.
Viruses and worms are a very common and fresh method for causing mischief and mayhem. The IT security industry is constantly fighting off viruses and worms and coming up with new ways to disinfect them, while they become increasingly popular in the underground community. Virus writers often find security holes in software, typically Microsoft software, which they exploit in an attempt to persuade the rest of the world to leave the Microsoft Windows platform. What most of them do not realize is that this desired effect is not achieved. The infected users only become more irate with the author of the virus and demand harsher punishment if the author is caught. Infringement upon computer systems is an act of security breach; viruses are included in this type of infringement. Since almost all viruses are written to target the Microsoft Windows operating system, and a large portion of companies use Windows servers, security concerns should be higher. Even on networks in which Windows servers are not present, if Windows is the preferred operating system then security concerns should be just as high. If a network security person were in place, that person should be responsible for ensuring that the network is susceptible to as few worms as possible and as ready for a virus epidemic as possible. This person should coordinate proper disinfection plans, document these incidents, file an incident response in their own documentation, and report any information recovered from logs to the proper network provider.
The recent stance taken by agencies such as the RIAA and MPAA, as well as the birth of the Digital Millennium Copyright Act (DMCA), has created a stir among file swappers. Users of peer-to-peer (P2P) networks such as KaZaA, created by Sharman Networks Ltd., have become the targets of federal subpoenas developing into lawsuits for the illegal possession of copyrighted material such as music and movies. These agencies are operating with what some consider extreme prejudice and are waging a war on file sharing. They are targeting individual users and their networks. A security role on a network should be responsible for monitoring this and other traffic. These file-sharing programs can have a tremendous effect on networks, oftentimes bringing a network to its proverbial knees. If one of these agencies were to target a user on a network, it would be up to the IT department to track that user down. Network security personnel should be watching for suspicious activity believed to belong to P2P file sharing and handle it before a higher agency takes matters into its own hands. Beyond these reasons for network security, viruses have begun spreading via the P2P community, which again falls back on the concept of security.
This position, Network Security Coordinator, should function independently from any Systems Administrator or Network Administrator role. This individual should be responsible for informing all IT staff, especially systems administrators and those involved in loading machines for employees, of any patches or security holes in operating systems or software used by the company. Documentation is also a big part of the job. Following proper incident handling procedures would be a requirement for this job. This role should be filled by someone with a working knowledge of many different operating systems, ranging from Windows to Macintosh to the UNIX platform, and also very in-depth knowledge of networking; network security, including logging, firewalls, and incident response; viruses, worms and common propagation methods; and the mind-set of the common hacker. Just as it is often said that a thief makes the best detective, the same applies here. If a reformed hacker were to be the Network Security Coordinator for a company, then that company’s network would be less likely to suffer breaches than that of a company whose Network Security Coordinator had very little to no experience in the hacker community. A Network Security Coordinator should be more than willing to work with others in the IT department to help prevent any attacks upon the network, be it a denial of service, a hacked server or a virus outbreak, because the ideal Network Security Coordinator should take an active interest in the status of the network.
©2000-2010 DruiD628
micah {at symbol} druid628.com