E-envoy to wage war on hackers

[InfoSec News <isn () C4I ORG>]

http://www.vnunet.com/News/1117450

By Andy McCue and Steve Ranger
08 Feb 2001

Andrew Pinder, the newly appointed UK government E-envoy, is
spearheading a security crackdown to stop the spate of website hacking
that has so embarrassed Whitehall.

"We will press hard on standards for security," he said. "It is
important that government sites conform to reasonable standards so
that people feel that government is secure and cannot be brought down.
We will define strong guidelines to prevent the sorts of attacks that
we have seen recently."

Pinder's pledge comes just before the first meeting of the UK's
National Crime Squad, which will announce how its newly formed
National Hi-Tech Crime Unit (NHCU) will improve incident reporting
procedures and evidence gathering on security breaches.

The European Commission is also proposing a network of similar units
to enforce an international computer misuse law.

Users warn that the NHCU must keep the details of businesses who
report crime confidential, or risk deterring other companies from
reporting their breaches.

"Unless the [police] are very careful, they could alienate most online
retailers and service providers, and no one would ever bring a
prosecution to court," said Pete Marsden, chief technology officer at
online bank Egg.

"Part of the problem is that online organisations don't want any
publicity even in the event that somebody does get caught, whereas
[the police] do want publicity, to show they are an effective
organisation," he added.

A spokesman for parliamentary lobby group Eurim said: "There is a gulf
of misunderstanding between law enforcement, the security staff in
large organisations, and the suppliers. The high street banks have
larger security departments than the law enforcement agencies."

According to Eurim, one financial institution recently spent three
days negotiating with different police forces to report a massive
fraud attempt, but had to give up because the police weren't prepared
to act on the information.

Separately, a survey of Computing readers has revealed that 75 per
cent believe virus infections and hacking will stay at current levels
or get worse. Nine out of 10 respondents said their firms had suffered
virus infections, and half had been hacked or subjected to a denial of
service attack.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".