A series of recent attacks shows the threat that outside hackers present to the Internet-based New Economy, but a consensus among some security experts holds that the threat within organizations may soon become a more pressing problem for IT.
Panelists at that NetSec Internet Security Roundtable in San Francisco Tuesday said the majority of Internet security breaches are coming from what they call pack monkeys, script kiddies, and ankle biters. That class of hackers tends to comprise high school boys who are looking for bragging rights that they broke into a system. They are more akin to graffiti artists than hard core criminals. However, they can raise significant alarms within a company due to fears that they may have broken into something significant and important.
However, the real damage is likely to come from within a corporation.
Gene Schulz, research director and security adviser at Global Integrity in Reston, Va., said that inside attacks are far less common, but when they do occur, they tend to be far more devastating. That is because the employees know exactly which systems to attack for personal gain such as stealing company secrets or moving company funds into a Swiss bank account. "The ankle biters will gnaw away, but they will not do much damage," he noted.
Schulz said one of the most disheartening cases he had come across was when a company set up a honey pot (a fake server designed to attract the attention of hackers), and the company COO came for a visit.
A roundtable audience member, Barry Miracle, director of information security services at Charles Schwab in San Francisco, said employees can sometimes unintentionally cause damage by mere virtue of having physical access. He related a story about a trading firm in which an employee leaned against a keyboard and depressed a hot key to buy 10,000 bonds. Since he was using Windows, which repeats a function when holding a key, the firm was soon the not so happy owner of $2 billion in bonds.
Matt Archibald, director of security at Applied Materials in Santa Clara, Calif., said the real problem is not necessarily the big breaches but the hundreds of small events that happen all the time. Those include the theft of engineering documentation or minor transfers of money. "There are lots of small things you never see," he said. "There you 'potentially' get into large amounts of damage but it is just more dispersed."
As others have noted, one of the largest serious security problems involves the unwitting DSL user. A growing number of businesses are getting connected to the Internet via ADSL lines, noted Brian Leland, CEO of SonicWall in Sunnyvale, Calif. Those DSL users usually establish permanent connections without any kind of firewall or protections.