Recent world events have reinforced thinking that there are some pretty crazy people out there. For the 'man on the street', the safety and security of loved ones has become paramount in an increasingly uncertain world. For IT professionals, September 11 events have reinforced the real and probable threat of cybercrime; as Pete Young explains in our cover story, Security Blanket. In this Age of Insecurity, malicious virus and hacker attacks are on the rise. In fact, according to our Thinktank panellists, within the next two years, these two threats will remain prolific. But for the here and now, what frightening new twist network attacks may take, and the preparation for these events, are uppermost in the minds of information professionals.
Working against these vicious forces is turning into a full-time job for some IT managers. There's the constant flurry of software patches that need to be applied, and security infrastructures to be kept in check. There is also the newer wireless technology taking off within many organisations. While IT professionals may get swept up by the promise of cabling's obsolescence, security protecting these systems is suspect (to put it mildly). The wired equivalent privacy (WEP) algorithm, which is designed to provide the same level of security for wireless devices that a physical network cable can, is seriously flawed.
However, this 'minor' matter doesn't appear to be a problem for many organisations that have implemented wireless networks; simply because they haven't bothered to secure their networks. The results of Sandra Rossi's investigation into wireless LANS, Just Driving By, should send a wake up call to all IT professionals. Within a 5km radius on Sydney's North Shore, 43 WLAN access points were scanned (without even trying), and of these, only seven were encrypted.
While there are many external IT security threats, a more sinister menace is emerging from within company walls. Most IT managers believe security is both about risk management and hiring trustworthy people. But experts in criminal psychology say the onus is often on managers to take action to prevent current and former employees from lashing out in the form of cybercrime. As revealed in The Enemy Within, incidents of disgruntled ex-employees sending wave after wave of denial-of service attacks to a former employer are rising in number.
As Sandra Rossi uncovers in Hiding in the Shadows, the shadowy world of hacking contains some good guys, bad guys and plenty in between. Hacker attacks of all varieties are a nuisance for IT professionals, but whether the threat has come from a white hat' out for a bit of fun, or a potentially more dangerous source, is impossible to know . . .