Hackers will figure out how to make self-replicating worms that can spread stealth
software quickly. The worms could be timed to change over time to make them harder to
find and eradicate. Triggers that launch rogue programs could be set to the size of the
attack army or a special date. Do those sound like science fiction? They're only a step
or two ahead of today's hackers.
Larry Horton, the director of Network Services Consulting at
href="http://www.belenosinc.com" target="new">Belenos says, "Internet servers need
to be designed better." Horton believes the faster pace of deployment has caused many
companies to put up servers without taking proper precautions or thinking through the
I agree. You can make servers run faster, but you shouldn't if you're opening the
doors to an assault. Balancing speed against vulnerability gives rise to a new
discipline -- risk assessment.
Systems administrators need to plan next-generation infrastructures for anyone
wanting to do business on the Internet. For IT managers, this is the time to act. Let's
go back to basics. Make sure the holes are plugged on your own fleet of computers, so
you don't become an unsuspecting accomplice to saboteurs.
On the server side, watch your traffic. Use software-monitoring products, such as
BMC Patrol, to alert you to the first sign of trouble. Have a contingency plan for
shutting down servers if it becomes a necessity.
Maintain a relationship with your vendors. During the most recent attack, BMC's
Patrol alerted Amazon's IT staffers that the monitored thresholds had been exceeded.
Amazon stayed in constant communication with BMC, enhancing the ability of Amazon's own
staff in dealing with the crisis.
IT is going to be a lot different from dealing with predictable problems. Dealing
with the ugh-known is just one of the new challenges.
I'll be back to talk about more.