The effectiveness of these attacks is limited in two ways:

• Data on the wire is generally available only in small pieces. It's true that many systems and applications send login/password pairs in clear text (without any encryption). An attack may capture such small bits of data; it may even be possible over time to assemble enough useful information to make identity theft possible. However, the attacker must either be directly connected to the internal network, or have succeeded in compromising an internal system and installing some form of sniffer to gather information. For the effort to be worthwhile to the hacker, many small chunks would need to be captured and then filtered out of the massive volumes of traffic traversing most of today's networks; and then the captured data would have to be reassembled into meaningful information. This is a tremendous task with a potentially very small payoff.
• Capturing data takes time. The longer the attacker is inside the network, the more likely he or she is to get caught. It's easier to get information at the source, rather than trying to capture and decode thousands of network packets.

Vulnerabilities of Data at Rest

While sniffing data on the wire may yield a big reward, data at rest is the proverbial pot of gold. Most organizations maintain detailed databases of their personnel information, for example, making the large corporation a very tempting target. These databases regularly contain quantities of names, addresses, and even social security numbers for tax purposes. This is all the information that someone needs to steal your identity. Statistics show that identity theft attacks are increasing. More than thirty thousand victims reported ID theft in 2000; in 2003, the Federal Trade Commission received more than half a million complaints.

A major issue in protecting your data repository is the fact that there are so many avenues of attack. Attacks can be launched against the operating system, the database server application, the custom application interface, the client interface, and so on. Application attacks don't have to be directed against the target application, either. Any attack providing system-level access to an attacker is a risk to your data.

Your system is also a potential target for a multitude of computer viruses, worms, and Trojans. Current reports put the number of these types of applications at more than 100,000. Many recent computer worms leave systems vulnerable by covertly installing a backdoor that enables the attacker to enter the system at will.


How Can We Protect Our Data?

How do we defend against so many possible attack vectors? The key is to focus on the data. The first step should be data-sensitivity analysis as part of an overall risk-assessment process. Data-sensitivity analysis begins by identifying an organization's critical data and ways in which that data is used. Once the sensitivity of data has been classified, the organization can reach decisions about the necessary level of protection for that data. Your tendency may be to apply the greatest level of protection available, but that level may be neither necessary nor cost-effective. For example, you wouldn't spend $100,000 on a firewall to protect an expected loss of only $5,000. You can get a better idea of how to apply countermeasures if you include a loss/impact analysis as part of the risk-assessment process.

Simple Approach

A simple approach to data protection looks at the various layers of security that can be applied. Consider the following starting checklist: