Ready, Aim, Hack - the New Warfare
Source: Information Technology
January 29, 2001
IN AN AGE in which corporations are more powerful than
governments and essential services are in private hands, the private
sector is becoming a more attractive target for cyber-terrorism, a
visiting online security expert says.
Crippling a country’s economic giants using information
warfare tactics is one of the most effective ways to attack an enemy,
says London-based Graham Titterington of independent analyst and
consulting company Ovum.
``In the world capitalist economy, most people regard
major companies as the country itself and that’s where you’d make the
most immediate impact,’’ Titterington says.
``People would go for major commercial organisations
rather than government.’’
Titterington was in Australia this month after
addressing the International Quality and Productivity Centre’s
e-security conference in Singapore. He says reports of online sabotage
during the Middle East conflict through defacing websites and denial
of service attacks - crippling a server by swamping it with requests -
are a sign of things to come.
Despite the increasing number of security breaches, he
says ``virtually all’’ business do not pay enough attention to
security.
Aside from virtual terrorism, external threats such as
online industrial espionage are also a growing danger for the
commercial sector.
``The traditional view of IT security was that it was
very largely an internal problem and the disgruntled employee, or very
recently ex-employee, were your number one threats. The threats that
you are exposed to on the Internet, the almost random threats from the
outside world, are so great that I don’t follow that model any
longer,’’ Titterington says.
``My feeling is that it’s pretty evenly pegged now. If I
had to come off the fence I’d put it slightly on the external. Most of
the more serious ones seem to come from external sources.’’
The FBI’s annual online security survey of the United
States’ Fortune 500 companies found more than half know they have had
an illegal use of their system over the last 12 months.
``These things do happen all the time and they’re only
the ones who know about it,’’ he says.
``The thing with espionage, for example, is that the
hackers try to get in, steal information and get out without being
noticed. They don’t want to do any damage because they hope they won’t
be noticed so they can get back in and do it again.’’
In the same way locks on doors only keep out honest
people, Titterington is philosophical about the effectiveness of
online security measures.
``Potentially it’s a bottomless pit. You could sink
millions into it and you still wouldn’t get 100 per cent security, no
matter what you did,’’ he says.
``Any e-business that is considering what to do should
think of it in a positive frame of mind; this is an enabler, this will
enable me to do things safely, this will build trust with my business
partners.’’
by Adam Turner
http://it.mycareer.com.au/e-commerce/20010129/A17393-2001Jan29.html