Kuert

March 25, 2008

19 March 2008, Budapest – KÜRT Information Security and Data Recovery Zrt has carried out a security audit at the Kuwait subsidiary of the Zain Group. The team competed for the assignment with the world’s largest expert security services provider. The project lasted 2 months, and was completed this February. The team of Hungarian experts (among them professional hackers) tested the information security of the Middle East’s leading telecommunications firm. The client’s satisfaction with the results are demonstrted by the fact that talks are already in progress regarding the project’s continuation. The Security Intelligence products continuously developed and perfected by KÜRT are reaping worldwide acclaim, and are one of the drivers of the company’s success.

In autumn 2007, having competed with the world’s “big 4” companies in the field, as well as Saudi and Belgian security consulting firms, KÜRT won the contract to carry out an information security audit at the Kuwaiti subsidiary of the Zain telecommunications group, which serves 42 million customers and has annual revenues of some USD 6 billion. This was the largest and most complex IT security project yet carried out in the history of the Middle Eastern mobile telecommunications concern.

“KÜRT’s approach to security is unique in the world. Numerous successful projects testify to the high added value of our knowledge and technology, but the results of our project carried out in the Middle East have surpassed all prior expectations,” said CEO József Kmetty, adding that the chief executive of the Zain Group had taken a close interest in the work of the Hungarian experts, offering them his full support right from the outset. For their part, the KÜRT team cites as one of the greatest achievements of the project their success in uniting the various interests within Zain behind the project, as well as in raising their awareness of the real roots of the revealed information security problems and deficiencies.

In the course of two-month project, the Hungarian specialists first worked for the corporate giant’s Kuwaiti subsidiary from Hungary, before going on to test the system’s susceptibility to legal hacking and social engineering methods in Kuwait itself, as well as reviewing compliance with standards. They uncovered a number of security gaps in Zain’s system, and carried out specific and immediate “vulnerability prevention” measures. Following this, they prepared an action plan for the elimination of security defects, and as a result the IT system has been rendered even transparent for specialists at the company, and a higher level of security for data management has been achieved.

“What we have achieved in Kuwait is an enormous success, as for years our client has deployed considerable funds and a team of well-trained experts in its efforts to maintain security at the highest possible level,” said Sándor Zsilinszky, head of KÜRT’s Information Management Solutions unit. “It’s a testament to our expertise that within a comparatively short space of time we managed to completely assume control of systems that have been painstakingly built up by our largest international competitors, and that we succeeded in eliminating the security gaps thus exposed.”

Zain’s senior management spoke appreciatively about the information security measures carried out, and the impressive knowledge base of KÜRT’s Hungarian experts. In the light of the project’s success, agreement could be reached within weeks to continue the project, which would entail the implementation of comprehensive security protection and monitoring at Zain, as well as the ordering of other KÜRT services.

The products in the KÜRT Security Intelligence package include legal hacking, log analysis, regular training in security awareness, and network detection.
In the case of legal hacking, experts employ the latest methods used by “underworld” hackers to attack a client’s systems, first remotely over the internet, and then from within the given company itself. They draw up an immediate plan of action for the elimination or mitigation of security problems.
The log analysis service acts as a kind of sentry, keeping a watch over the company’s IT systems. The method makes it possible to predict system crashes or infiltration attempts in advance, but KÜRT’s team will also issue a warning in the event of IT systems (e.g. company management or customer service systems) becoming unavailable to users in the period when the business requires them.
Security bulletins are the most important tool of defence against the form of hacking known as “social engineering”. Creators of malicious phishing (data fishing) or social engineering attacks operate today using advanced methods that can be preempted if the users within a given company are prepared for them.
KÜRT’s detection services are available to clients who wish to discover the circumstances under which abuses are carried out, the identity of the perpetrator, and the specific illicit method used.

There is no such thing as an unhackable system, it is only a matter of time – the five principles adhered to by proffessional hackers:

• Hackers should recognize and observe the ethical and statutory rules governing “legal hacking”
• They should be aware of all malicious “hacking” methods
• They should constantly learn, and develop their skills in using the latest technologies
• They should always be one step ahead of the malicious hacker
• They should not use the acquired information for profit gain, but for the purposes of protection

Print page

Top of the page

Back