Security experts say: "Don't ignore threat from within"
A series of recent attacks shows the threat that outside hackers present to the
Internet-based New Economy, but a consensus among some security experts holds that the
threat within organizations may soon become a more pressing problem for IT.
Panelists at that NetSec Internet Security Roundtable in San Francisco Tuesday said
the majority of Internet security breaches are coming from what they call pack monkeys,
script kiddies, and ankle biters. That class of hackers tends to comprise high school
boys who are looking for bragging rights that they broke into a system. They are more
akin to graffiti artists than hard core criminals. However, they can raise significant
alarms within a company due to fears that they may have broken into something
significant and important.
However, the real damage is likely to come from within a corporation.
Gene Schulz, research director and security adviser at Global Integrity in Reston,
Va., said that inside attacks are far less common, but when they do occur, they tend to
be far more devastating. That is because the employees know exactly which systems to
attack for personal gain such as stealing company secrets or moving company funds into
a Swiss bank account. "The ankle biters will gnaw away, but they will not do much
damage," he noted.
Schulz said one of the most disheartening cases he had come across was when a
company set up a honey pot (a fake server designed to attract the attention of
hackers), and the company COO came for a visit.
A roundtable audience member, Barry Miracle, director of information security
services at Charles Schwab in San Francisco, said employees can sometimes
unintentionally cause damage by mere virtue of having physical access. He related a
story about a trading firm in which an employee leaned against a keyboard and depressed
a hot key to buy 10,000 bonds. Since he was using Windows, which repeats a function
when holding a key, the firm was soon the not so happy owner of $2 billion in bonds.
Matt Archibald, director of security at Applied Materials in Santa Clara, Calif.,
said the real problem is not necessarily the big breaches but the hundreds of small
events that happen all the time. Those include the theft of engineering documentation
or minor transfers of money. "There are lots of small things you never see," he
said. "There you 'potentially' get into large amounts of damage but it is just more
As others have noted, one of the largest serious security problems involves the
unwitting DSL user. A growing number of businesses are getting connected to the
Internet via ADSL lines, noted Brian Leland, CEO of SonicWall in Sunnyvale, Calif.
Those DSL users usually establish permanent connections without any kind of firewall or