Global Watch: Attacks Come From Just About Anywhere

Whether you're sitting in Pittsburgh or Fiji, the risks and the threats against IT systems are the same. And the attacks can come from anywhere. -- Sidebar to: Big Bad World
Whether you're sitting in Pittsburgh or Fiji, the risks and the threats against IT systems are the same. And the attacks can come from anywhere. That's why security managers need to monitor world events that could generate an increase in attacks on their computer networks and systems.

"During political unrest, companies should be increasing their security monitoring and dedicating more resources toward looking for potentially bad stuff," says Pete Lindstrom, research director at Spire Security. By the time physical conflict spills into cyberunrest, it may be too late to do much to increase security defenses. "Hopefully, your protective defenses, such as firewalls and access controls, are already in place."

There's been a big shift in thinking, and security managers now see outsiders as the biggest threat to businesses. In 1998, only 14% of surveyed companies suspected computer hackers or terrorists as the primary sources of attacks; 58% blamed authorized users and employees as the cause of breaches. But this year, the InformationWeek 2003 Global Information Security Survey shows those statistics have reversed. Today, 58% of respondents say hackers and terrorists cause breaches; only 22% blame authorized users or employees.

"In 1998, the Internet was new and most of the threats were on the inside," Lindstrom says. "Five years later, anyone who installs an intrusion-detection system will see all of the drive-by shootings, attacks, and noise going on. The nature of the universe has changed."

There was a significant rise in the number of Net-based attacks launched in the second half of last year from certain countries on the "Cyber Terrorism Watch List," according to the latest Symantec Internet Security Threat Report. There was a 334% increase in attacks originating from the United Arab Emirates, a 250% increase from Jordan, and a 188% increase from Cuba. Attacks from other countries declined: Iran, -32%; Morocco, -48%; and Kuwait, -61%.

Security professionals need to more closely monitor hack attacks sparked by global events. During the war in Iraq, for example, more than 10,000 Web sites were defaced with political messages condemning or supporting the war. "The Internet brings protests anywhere in the world to your doorstep," says Mark Rasch, former head of the Justice Department's computer-crimes unit. "It doesn't matter if activists are in Tiananmen Square or Times Square, the Internet makes world events very local."

Illustration by Gerard Dubois

Return to main story: Big Bad World

chart: Ensuring Safety

Editor's Choice
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Cynthia Harvey, Freelance Journalist, InformationWeek
Terry White, Associate Chief Analyst, Omdia
John Abel, Technical Director, Google Cloud
Richard Pallardy, Freelance Writer
Cynthia Harvey, Freelance Journalist, InformationWeek
Pam Baker, Contributing Writer