Big Blue: Enemies are everywhere

[InfoSec News <isn () c4i org>]

http://www.zdnet.com/zdnn/stories/news/0,4586,2810785,00.html?chkpt=zdnn_nbs_hl

Reuters 
September 6, 2001 10:13 AM PT

LONDON - Computer hackers come in many shades--extortion artists,
corporate saboteurs, determined teenagers and legitimate IT
professionals. But according to security experts at IBM, they have one
thing in common: Every office has at least one.

Seizing upon the timely topic of Internet security risks, IBM this
week has launched a global advertising and public relations initiative
to plug its e-business security software and consulting expertise.

Business managers, concerned at the threat of attack, are fortifying
their internal computer systems. Last week, a Corporation for British
Industry survey revealed that two-thirds of U.K. businesses have been
the victim of a serious computer-related incident, whether it be
hacking, a virus attack or some form of cyber fraud.

It means that software firms and security consultancies may once again
have a big market for their services.

The corporate world, however, has been faced with a precarious
trade-off when it comes to IT security. Damaging corporate viruses
such as the Code Red worm, which continues to replicate around the
Internet unchecked, have cost industry billions of dollars in lost
productivity and software upgrades, experts say.

At the same time, belt-tightening initiatives rein in the corporate
budget process, crimping IT investment. IBM, for one, is hoping the
fear factor will motivate purse string holders not to skimp on
security initiatives.

Managers urged to be alert

At a press event in London on Thursday, IBM introduced two veteran
security specialists--dubbed "ethical hackers" by the company--to
discuss the fragile state of Internet security, and to get its message
across that upper management has to be more involved in IT defense.

"Ultimately, security is a management issue," said James Luke,
information warfare specialist with IBM Global Services in London.

Another reformed hacker, now employed by IBM as a security expert,
said that the incidence rate of viruses was on the upswing-and they
come from a seemingly benign source.

Novice hackers, called "Script Kiddies" in Internet parlance, "can be
the most dangerous," he said. They are among the largest population of
hackers, he added. Often, they are teenagers who get their kicks out
of defacing or blocking access to sites by employing virus programs
downloaded from the Internet.

"They know just enough to be dangerous," he said.

One famous "script kiddy" hacker was a 20 year-old Dutch man who
earlier this year admitted to engineering the Anna Kournikova e-mail
virus. The hoax e-mail carried an attachment that appeared to be a
picture of the tennis star. Once opened, it spread around the world
slowing down e-mail systems and shutting down some corporate servers.

Other virus authors, including the mastermind behind the recurring
Code Red worm, go undetected. Last month, Computer Economics of
Carlsbad, California, reported that the Code Red worm, which targets
unfortified computer servers, did $2.6 billion in damage.

Blueyonder, a British broadband provider from Telewest Communications,
continues to carry a warning on its site that the Code Red worm is
affecting service performance for some of its customers.
 


-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.