Security adviser: Cyberthreats keep growing
Howard Schmidt, former security adviser to the White House, warns of upcoming threats to businesses and the Net itself.
Industrial espionage by foreign governments, attempted fraud and internal threats all need to be taken into account by information technology managers, Schmidt said on Monday.
"Governments, to gain a competitive edge, acquire or steal technology," said Schmidt, who in 2001 was named vice chairman of the President's Critical Infrastructure Protection Board. "Why pay 20 million pounds ($38 million) for research and development when you can spend 5 million pounds for the same result?"
While security issues such as identity theft attract a lot of attention, Schmidt said, human error is one of the major issues IT departments have to deal with.
"We have a tendency to focus on criminality, but human error has its place. Misconfiguring a DNS (domain name system) router will shut down major parts of a company's network. Internal threats play as much a part as external threats," said Schmidt.
Because computer downtime is costly--especially for e-commerce sites and financial institutions--IT managers should carefully assess upcoming threats to their increasingly complex networks, according to Schmidt. High-speed broadband connections, the proliferation of established PC technology, PDA devices and Wi-Fi and WiMax access all mean hackers have increasingly complex interfaces to attack.
"Tomorrow there will be more vulnerabilities and points to defend. We all have colleagues with five computers, PDAs, two laptops, smartphones and home gateways. There are full metropolitan areas with free WiMax, and with that comes collateral damage," Schmidt warned.
The spam factor
Small enterprises in particular will find that they have more points to defend than before, leading Schmidt to recommend that they either spend more on security or turn to managed security services.
With the majority of hacks financially motivated, identity theft was a major concern for Schmidt. This problem has been perpetuated by a recent surge in phishing spam.
"Spam is a threat, not just a nuisance. A surge in the last three months has raised its ugly head," said Schmidt.
Criminals are increasingly using botnets--large groups of hijacked computers--to send out spam and conduct distributed denial-of-service attacks in which they bombard a computer system with data.
Schmidt said that whereas five years ago an attack might consist of data surging at a rate of 800 megabits per second, hackers now have the ability to launch 2GB or 3GB attacks that could potentially take out large areas of the Internet itself.
"There are sustained attacks against top-level domain servers, which if successful could make a large section of the Internet unavailable for two to three hours," said Schmidt.
Detective Constable Bob Burls, who heads botnet crime investigations for the Metropolitan Police in London, said the last botnet the police had cracked had been 20,000 PCs strong. While he could not offer details of the investigation, Burls said that a fast international response was essential to dealing with the problem.
"We use our international law enforcement contacts. It needs a quick response and someone savvy at the other end (to deal with botnets). We've established a network of like-minded colleagues who are aware of differences in jurisdiction. You have to be aware of how colleagues operate in different jurisdictions," said Burls.
The Metropolitan Police also link with the Interpol botnet taskforce, according to detective inspector Charlie McMurdie of the Metropolitan Police.
Schmidt, Burls and McMurdie spoke to ZDNet UK on Monday at the House of Lords event, which was organized by managed security services company Claranet.
Tom Espiner of ZDNet UK reported from London.