X

Commentary: Not quite the apocalypse

Although "hactivism" is a real danger, security companies looking to grow their businesses have driven the publicity about the hacking threat from China.

3 min read
By John Pescatore, Gartner Analyst

Enterprises should always take sensible precautions against hackers, but they can do with fewer apocalyptic warnings from U.S. government security agencies and vendors.

A number of security vendors issued such warnings in the wake of last week's alert by the FBI's National Infrastructure Protection Center about increased activity from Chinese hackers.

Although "hactivism" poses a real threat, security vendors or government agencies looking to grow market share in infrastructure protection have driven most of the publicity about increased threats of hacking from China. World events do increase the level of Internet attacks with political motivations, but those attacks are generally no more sophisticated than the Internet attacks that occur every day. No part of the world has a monopoly on hacking smarts--any politicized incident can drive hactivism from either side.

Enterprises should maintain standard levels of protection, regardless of world events, including the following:

 Firewalls
 Server-side antiviral protection
 Intrusion detection
 Regular vulnerability assessment

In addition, enterprises should take unusual precautions when they might be affected by breaking events. Government agencies, defense contractors and other companies associated with U.S. surveillance programs should have raised their level of vigilance as soon as the spy plane incident occurred. Enterprises with no direct connection to the event will likely see attacks increase only as much as they do on Halloween or in early September, when a new batch of college students get their free Internet accounts.

See news story:
Defacements rise in China hacker war
Security vendors and government agencies that vie for leadership in infrastructure protection by issuing press releases warning enterprises to be more careful can actually make things worse. After all, they provide the key element to attract hackers who had no ax to grind about incidents such as the downed spy plane: publicity.

Indeed, it sometimes is difficult to tell whether these vendors and agencies try to prevent damage or to cause it so as to drive new business. Even if these periodic warnings of an electronic sneak attack do temporarily increase enterprises' focus on information security, in the long term, they submerge legitimate threat warnings under a sea of meaningless press releases and breathless sound bites.

Gartner has noticed that category leaders in the security industry very rarely indulge in this public relations practice. Therefore, Gartner urges enterprises to emphasize relationships with security industry leaders that do not resort to such tactics. Security managers should provide upper management with filtered, realistic threat information and not rely on the hype spread by vendors that take the "sky is falling" approach.

(For related commentary on how to audit your Internet security policy, see TechRepublic.com--free registration required.)

Entire contents, Copyright ? 2001 Gartner, Inc. All rights reserved. The information contained herein represents Gartner's initial commentary and analysis and has been obtained from sources believed to be reliable. Positions taken are subject to change as more information becomes available and further analysis is undertaken. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of the information. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof.