Editor's Note: What If You're Under Attack And You Don't Even Know It? - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

07:17 AM
Stephanie Stahl
Stephanie Stahl

Editor's Note: What If You're Under Attack And You Don't Even Know It?

Generally speaking, I hate "what-if" scenarios. Why waste time worrying about things that don't exist? Of course, the continued threat of terrorism has what-ifs swirling through my head all the time. I don't like it, but it's now a fact of life.

On a less serious note, allow me to throw out some harmless what-if scenarios. My friend Wayne has the PIN number for his ATM card written on the back of the card. What if I swiped his card and raided his account? I wouldn't keep the money, of course; I'd just try to teach him a lesson. Then there's Marcus, who has his computer passwords on a sticky note next to his PC. The passwords haven't been changed in so long that the note has long since lost its stickiness. What if I accessed his E-mail and sent out messages on his behalf? They wouldn't be harmful; just something to teach him a lesson.

I don't plan to do these things. But I'm trying to make a point. I've been writing a lot about moral and ethical behavior lately, and I don't mean to beat a dead horse, but there seems to be an increase of "it's for your own good" behavior in the business world these days. It's a philosophy that the Deceptive Duo espouses, if you ask me (see "Deceptive Duo Preys On Poor Security Practices", May 6, p. 28). Whether you agree with this kind of behavior is a matter of opinion. But are you prepared if one of them comes knocking on your network? And do you want potentially illegal activity to teach you the lesson? Senior editor George V. Hulme takes you into the world of hacker Adrian Lamo on page 22.

Let me give you some good news about information security. The number of business-technology managers reporting attacks by malicious or otherwise annoying viruses has declined dramatically since last year, according to our annual Global Information Security Survey (see p. 36). So have denial-of-service attacks and other intrusive behavior. Are preventative technologies getting better and business-technology managers getting tougher? Or are the virus creators and hackers getting less sophisticated? There's no doubt that many managers have bolstered their technology defense systems. That's in part because of several high-profile security threats (as well as the potential threat of cyberterrorism following Sept. 11). But it's not time to let your guard down. The threat of more targeted, sophisticated attacks looms large. What's worse, some companies probably don't even know when, or if, they're under attack.

Getting back to the what-ifs, I'll admit my disdain for such scenarios is, well, unrealistic. When it comes to information security, your best bet is to explore every scenario and react appropriately. What if you aren't prepared? What if Adrian Lamo decides to peek into your network? What if some bored college student thinks it would be fun to infect your company with a virus? Or worse, what if it's already happening and you don't even know about it?

To discuss this column with other readers, please visit Stephanie Stahl's forum on the Listening Post.

To find out more about Stephanie Stahl, please visit her page on the Listening Post.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
Think Like a Chief Innovation Officer and Get Work Done
Joao-Pierre S. Ruth, Senior Writer,  10/13/2020
10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
Northwestern Mutual CIO: Riding Out the Pandemic
Jessica Davis, Senior Editor, Enterprise Apps,  10/7/2020
Register for InformationWeek Newsletters
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll