Experts fear hacking scenes in Matrix Reloaded are too accurate

[InfoSec News <isn () c4i org>]

http://www.computerweekly.com/articles/article.asp?liArticleID=122562

by John Kavanagh 
17 June 2003 

Expert BCS members have warned movie fans not to try to emulate the 
realistic depiction of computer hacking seen in hit film The Matrix 
Reloaded.

The society said many experts were sufficiently concerned about the 
accuracy of some of the computing scenes that they have alerted young 
enthusiasts about the illegality of hacking and the tough prison 
sentences handed out to perpetrators of this crime.

"Hacking is a criminal offence and the Metropolitan Police is 
targeting those who gain unauthorised access to computer systems. 
Courts are increasingly handing out stiffer sentences to those 
convicted," said detective constable Andy Cookson of the Scotland Yard 
Computer Crime Unit, whose members all recently joined the BCS.

Cookson said organisations had to be proactive in securing their 
networks. "Although Hollywood likes to glamorise hacking, and this 
movie would appear to be more accurate than many in its portrayal of 
network mapping software, it is not as simple as it appears. Effective 
monitoring of all applications and ensuring they are all patched to 
the latest version should deny easy entry."

Some forms of hacking are almost impossible to prevent but 
organisations can employ simple security methods, said Phil Phillips, 
spokesman for the BCS Information Security Specialist Group. 

"Hackers seek to exploit weaknesses in systems, operational procedures 
and user awareness. Suppliers offer updates that can minimise many 
common methods, but these have to be applied correctly, tested and 
maintained. This can often be a difficult business challenge. 
Operational procedures should also be tested and maintained as 
business and technology evolves," he said.

"In the face of the rising tide of assaults on systems, it is 
essential to recognise how and where risks can occur and to address 
measures to prevent, detect and minimise the impact on your business 
and your customers.

"A regular, thoughtful review of your business risks, coupled with the 
adoption of simple and obvious protective measures, mean you can go 
home comforted by the thought that any risk of hackers has been 
addressed."

Charlotte Walker-Osborn, IT lawyer for the BCS Information Security 
Specialist Group, said, "The Computer Misuse Act has always had teeth, 
as was shown when a hacker was recently sentenced for two years - the 
strictest sentence yet. Legislation currently being debated seeks to 
further strengthen this law.

"In the past, there has not been a high number of prosecutions under 
the Computer Misuse Act and this has generally been attributed to 
insufficient resources for investigations and a lack of reporting. The 
lack of resources is currently being addressed and prosecutions in 
this area are becoming more common." 



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.