Year in review: Safe and secure?

Driven by terrorist attacks as well as by persistent computer viruses, security became a top priority for companies and the U.S. government in 2002.

Microsoft kicked off the year with a companywide mandate from Chairman Bill Gates to focus efforts on security, privacy and reliability. One part of the plan is the company's Palladium architecture for turning PCs into closed digital devices that can be "trusted" with music, movies and corporate secrets. So far, the only tangible results of the plan have been three delays for .Net Server and $100 million in downtime for the Windows team.

On a national level, cries of cyberterrorist threats pushed the Bush Administration to finally unveil plans for cybersecurity in September. The draft plan, however, was widely criticized as being a water-downed version of a much tougher, original plan.

Internet worms kept systems administrators and corporations on guard this year. The Slapper Linux worm compromised nearly 10,000 servers, by some estimates, forming a peer-to-peer network that could have been potentially used for an attack. And a well-executed attack on domain name system (DNS) root servers reminded the technology community how vulnerable yet resilient the network of networks remains.

All in all, companies scrambled to secure their networks yet they still remained vulnerable to ever-elaborate attacks. This was great news for security software companies which had a good year despite the tech malaise.

Gates: Security is top priority
Microsoft Chairman Bill Gates sends an e-mail to company employees outlining a shift from focusing on features to spotlighting security and privacy. Critics say it's about time.

Lots of pomp, no circumstance
More than a month after a major Microsoft security push, observers are still waiting for real evidence that the company's priorities have changed.

Walking in a wireless minefield
Security researchers and wireless aficionados have found areas where hundreds of insecure networks can allow hackers to connect to the Net and conduct nearly untraceable attacks.

Defining e-terrorism's true threat
Security experts and network managers say privately that the threat of cyberterrorism has been overblown and misunderstood--and that physical attacks remain far easier to carry out.

Feds: Let corporations carry the weight
The "National Strategy to Secure Cyberspace" outlines a mainly hands-off approach to securing cyberspace, giving primary responsibility for Net security to individuals and corporations, rather than the government.

Cybersecurity plan has "no teeth"
Experts say little has been done to address many of the fundamental causes that lead to persistent vulnerabilities that expose Net users to myriad threats.

Net attack flops, but threat persists
A widespread but unsophisticated attack on the computers that act as the address books for the Internet failed to cause any major problems, but experts warn that more security is necessary.

Do you trust your computer?
A debate is growing over "trusted computers"--machines equipped with the technology to wall off data, secure communications and verify the characteristics of their system.