| Author (Person) | Mallinder, Lorraine |
|---|---|
| Series Title | European Voice |
| Series Details | 28.09.06 |
| Publication Date | 28/09/2006 |
| Content Type | News |
|
It seems strange to remember how the business world used to function a couple of decades ago, dependent as it was on snail mail and the fax. These days, many businesses would get very little done without PCs, mobile phones and Blackberries. But, while companies benefit greatly from the substantial increases in productivity afforded by new technologies, they are also exposed to the terrifying risks posed by worms, viruses, trojan horses and crackers (the malicious twin brothers of hackers). The mere memory of the destruction wrought by well-known viruses and worms such as ‘SQL slammer’ and ‘sasser worm’ could well send a shudder down the spine of many a company head. These forms of so-called malware caused havoc in 2003 and 2004, bringing company operations to a complete standstill by automatically propagating themselves within systems and infecting other computers at an exponential rate. Such evils usually arrive in the form of sinister emails bearing creepy good tidings. Then there are the crackers, either lone rangers or teams, sometimes funded by organised crime operations, whose aim is to extort money or to steal resources. Take the case of the Kazakhstan man found guilty by a New York jury in 2003 of trying to extort $200,000 from Michael Bloomberg, the city’s mayor, and founder of the news service carrying his surname. He had hacked into the news system, threatening that the service’s reputation would be damaged if Bloomberg did not pay up. "Historically, attacks against organisations have been motivated mostly by the underground kudos of vandalising a website, misguided but not commercially motivated," says James Rendell, an expert at the IT consultancy Internet Security Systems. "But, we believe there is much greater risk from organised crime. A well-documented case is where internet companies are flooded with traffic to the extent where there is a standstill. There are cases where companies have been blackmailed." Roy Hill, of NTA Monitor, an IT security firm operating worldwide, explains that small- and medium-sized enterprises (SMEs) often leave themselves wide open to risk. Most big companies will have an in-house person looking after their firewall, he points out, but SMEs often lack resources. Firewalls, in particular, are a common cause of headaches. "Firewalls are generally not simple. When they first come out of the box, they either allow everything or nothing through. So someone has to configure it to allow things that need to be let through," he says. Another common root cause of IT vulnerability is when companies do not upgrade their security software with patches. In 2003, it was estimated that external attacks cost companies €39 billion in damages globally. Rendell warns, however that the danger can often come from within. "If you ask the man on the street, the kinds of threats coming from his mind are from the outside. People think of hackers and worms. But in truth, the bigger threat for most organisations comes from internal sources. It could be where someone inside is tricked into allowing access by giving out a password to someone posing as a system administrator." Infiltrators can cause considerable harm, both in financial and brand reputation terms. The European Commission, aware of the potentially grave economic impact that external IT attacks could have, launched in 2005 the European Network and Information Security Agency (ENISA). Based in Heraklion, Crete, the agency gives advice to citizens, businesses and governments. "If information security is well managed, there is no political benefit as people do not know they are protected," explains executive director Andrea Pirotti. "If things go wrong, it’s a disaster. Until now, we have been lucky. The EU has not suffered heavy attacks." The certainties of the paper-based world are now a thing of the past. New technologies may have made businesses far more efficient, productive and, in many cases, profitable, but most people remain uneducated about the strange, new threats of the information age. "We believe that awareness at government level and user level is important because it is neglected," says Pirotti. "Think of SMEs without the time and the financial resources to have an IT department and running low profits with competition from economies like China." ENISA’s information package aimed at citizens and businesses, which is available on the agency website, has been downloaded 11,000 times. It seems strange to remember how the business world used to function a couple of decades ago, dependent as it was on snail mail and the fax. These days, many businesses would get very little done without PCs, mobile phones and Blackberries. But, while companies benefit greatly from the substantial increases in productivity afforded by new technologies, they are also exposed to the terrifying risks posed by worms, viruses, trojan horses and crackers (the malicious twin brothers of hackers). |
|
| Source Link | http://www.europeanvoice.com |
