Whether it's fraud, theft or blackmail, computers have never been more vulnerable to attacks. Cryptic Software has developed a product it claims will effectively protect you from such threats. Claire Veares reports….

The papers like to give coverage to the latest computer viruses, particularly if it means an excuse to drag out yet another picture of Anna Kournikova. But this sort of threat is not necessarily the one that will cause your IT the worst damage – most attacks are carried out internally, by company employees.

This damage usually takes one of two forms: subversive hacking such as theft, blackmail and fraud, or what can be described as computer vandalism where data or hardware is attacked.

Attacking systems has never been easier. The web offers thousands of hacking tools, with new ones being developed all the time. The tools are often hidden inside seemingly innocuous, downloadable programmes such as screen savers. Hackers no longer have to be technically adept as damage now can be caused by the simple click of a mouse.

Products to repel IT invaders have struggled to keep pace with the speed of change of the invaders themselves. But hoping to change this trend is Kettering-based Cryptic Software.

What it does
The company's core product is called Cybersight. Using what Cryptic Software calls shape technology, computer systems are constantly tracked for known and unknown threats. Once identified, these are destroyed. Internet threats are also countered by a collection of web robots that update the company's library of threats from hacking sites.

Cybersight takes little time to install and leaves no trace, so it can be employed stealthily, without users knowing it is there. By a quirk of the technology, computers will also run slightly faster once Cybersight has been installed.

David Duke, Cryptic's technical director, says the rapid growth in the number and range of threats originating from the internet has taken existing security vendors by surprise. He says: “The way forward is to locate and nullify threats automatically, which is exactly what Cybersight does.”

Duke founded Cryptic two years ago and investors in the company include Legendary Investments and Southwind. Legendary Investments is the internet investment house established by Shami Ahmed, the founder of Joe Bloggs Jeans. Southwind is the trust set up by Bob Morton for his children. Morton is a non-executive chairman of Cryptic.

Other Cryptic employees include managing director Terry Bingham, sales and marketing director Sandy Mackenzie and financial director Nigel Moulding. All have wide experience of the IT industry.

Duke himself has a background in IT security. He has developed secure systems for a variety of companies, including Volvo UK, Whitbread and IBM. And when he worked at GCHQ, the Ministry of Defence gave him “top secret” level clearance.

Scope for misuse
Bingham says Duke foresaw a revolution in the malicious use of the internet and was surprised at the number of ways round security. “As soon as you enable something, you enable its misuse,” he says.

Security has to be approached in a different way now, according to Bingham. He says: “People don't come in through the front door anymore. There is no way you can protect all the entrances.”

He says you have to accept that invaders will get in and then deal with them. “All these types of threats have one thing in common,” he says. “They are planted and then detonated.”

Many of the modern threats to systems could already be inside firewalls Bingham warns, announcing their presence to potential hackers by posting messages on newsgroups or emailing on things like password information.

He says Cybersight is the first product to be able to detect these squatters. Cybersight looks at every file, regardless of what it is called. Simply renaming a file will not fool it, unlike traditional virus checkers, which see a new name as a different file.

“We've looked at every possible aspect and done a methodology that will take in everything,” Bingham says.

New developments to watch out for include Leecher, the DVD version of the music-sharing site Napster. Films take somewhat longer than music to download and while they are downloading, the computer's hard drive is open to anyone who wants to attack it.

Other potential nasties include a bug that attaches itself to the computer's hard drive once a particular website has been visited. Bingham says this bug is particularly vicious and he points out the damage it could do if popular sites are targeted: “Imagine if this was attached to the MSN home site.”