Number of Hacking Web Sites Grows 45 Percent, Highlights Increasing Security Risk for Companies, Reports Websense Inc

Business Wire, Dec 17, 2002

Business Editors & High-Tech Writers

SAN DIEGO--(BUSINESS WIRE)--Dec. 17, 2002

Websense Enterprise Software Can Mitigate

Growing Problem for IT Managers

Hacking tools used by employees within organizations may be the biggest security threat to emerge this year, leading to increased vulnerabilities, lost data, and wasted time and resources, reports Websense Inc. (NASDAQ:WBSN).

Websense, the worldwide leader of employee Internet management (EIM) solutions, reports that the number of hacking Web sites has increased 45 percent in the last 12 months, now totaling approximately 6,000 Web sites, encompassing more than one million pages of content. The dramatic spike may signal an increasing internal security risk for organizations worldwide.

Nearly 90 percent of U.S. businesses and government agencies suffered hacker attacks in the last year, according to Newsbytes, while 80 percent of network security managers claim their biggest security threat comes from their own employees, according to a survey conducted at this year's Gartner Information Security Conference.

"While employees are a company's greatest asset, they can also represent its greatest security risk," said Becky Bace, a network security expert and author of Intrusion Detection. "Hacking Web sites offer tools and instruction that allow even non-technically savvy workers to disrupt the normal operation of their own network or other networks outside their organizations -- on company time and using office computing resources."

Most hacking Web sites contain archives of available hacking tools, such as denial of service attack software, sniffer and anti-sniffer software and password crackers. In addition, the sites also offer free downloads of hacker programs -- such as Win Nuke, Boom and NetBus -- that enable employees to be self-taught. Finally, sites often provide step-by-step instructions for beginners on everything from how to gain unauthorized access to computer systems to instruction on how to perform attacks on routing protocols.

The increase in hacking Web sites may have much to do with both political and economic issues of the day. According to research from security firm mi2g Intelligence Unit, the "most hacked" country in the world is the United States, with more than 26,000 attacks occurring so far this year. In addition, the rising unemployment rate -- which recently hit six percent, according to the U.S. Dept. of Labor -- is creating a new pool of disgruntled workers willing to damage their former employers at any cost.

"A company that doesn't block employee access to the thousands of hacking sites that exist is simply enabling itself to become a target," said Andy Meyer, vice president of marketing for Websense Inc. "New hacking tools are emerging everyday, but they are very hard to find within organizations. The best current solution is stopping the problem at its source."

Today, Websense Enterprise v4.4.1 software helps companies block employee access to hacking Web sites, preventing the download of hacking tool kits, such as malicious executables, in the workplace. This is important because 85 percent of all computer hacking against companies is committed by former employees with knowledge of the company's computer system, according to insurance broker Near North National Group.

Websense Enterprise v5, currently scheduled to be released in the latter part of Q1 2003 and offered as a free upgrade to all current v4 Websense customers, will offer an optional client application manager (CAM) add-on module that will allow IT managers to prevent the launch of hacking applications on employee desktops. The CAM add-on module is expected to be released with managed availability through Q2 2003.

About Websense Inc.

Websense Inc. is the worldwide leader of employee Internet management (EIM) solutions. Websense Enterprise software enables businesses to manage how their employees use the Internet, improving productivity, conserving network bandwidth and storage costs, and mitigating legal liability. Ranked the highest quality database in a recent test of EIM products, Websense delivers the most effective and comprehensive solution in the industry.

Founded in 1994, Websense serves more than 17,800 worldwide customers, ranging in size from 100-person firms to global corporations. These include more than half of the Fortune 500, approximately one-third of Japan's Nikkei 225 and half of the U.K.'s FTSE 100, encompassing more than 13 million customer seats, pre-paid on a subscription basis. Websense has strategic technology relationships with Blue Coat Systems, Check Point, Cisco, Macrovision, Microsoft, NetScreen, Network Appliance, Nokia, SonicWALL, Tumbleweed and others. For more information, visit www.websense.com.

Except for the historical information contained herein, this press release contains forward-looking statements, including statements containing the words "planned," "expects," "believes," "strategy," "opportunity," "anticipates" and similar words. Such forward-looking statements are subject to known and unknown risks, uncertainties or other factors that may cause the company's actual results to be materially different from historical results or any results expressed or implied by such forward-looking statements. We assume no obligation to update any forward-looking statements to reflect events or circumstances arising after the date hereof. The potential risks and uncertainties which could cause actual growth and results to differ materially include but are not limited to, customer acceptance of the company's services, products and fee structures, the success of the company's brand development efforts, the volatile and competitive nature of the Internet industry, changes in domestic and international market conditions, and foreign exchange rates. Further information on the factors and risks that could affect Websense's business, financial condition and results of operations are included under the headings "Risk Factors," "Risks and Uncertainties" or "Factors Affecting our Operating Results" contained in Websense's public filings with the Securities and Exchange Commission, available at (http://www.sec.gov).