"During political unrest, companies should be increasing their security monitoring and dedicating more resources toward looking for potentially bad stuff," says Pete Lindstrom, research director at Spire Security. By the time physical conflict spills into cyberunrest, it may be too late to do much to increase security defenses. "Hopefully, your protective defenses, such as firewalls and access controls, are already in place."
There's been a big shift in thinking, and security managers now see outsiders as the biggest threat to businesses. In 1998, only 14% of surveyed companies suspected computer hackers or terrorists as the primary sources of attacks; 58% blamed authorized users and employees as the cause of breaches. But this year, the InformationWeek 2003 Global Information Security Survey shows those statistics have reversed. Today, 58% of respondents say hackers and terrorists cause breaches; only 22% blame authorized users or employees.
"In 1998, the Internet was new and most of the threats were on the inside," Lindstrom says. "Five years later, anyone who installs an intrusion-detection system will see all of the drive-by shootings, attacks, and noise going on. The nature of the universe has changed."
There was a significant rise in the number of Net-based attacks launched in the second half of last year from certain countries on the "Cyber Terrorism Watch List," according to the latest Symantec Internet Security Threat Report. There was a 334% increase in attacks originating from the United Arab Emirates, a 250% increase from Jordan, and a 188% increase from Cuba. Attacks from other countries declined: Iran, -32%; Morocco, -48%; and Kuwait, -61%.
Security professionals need to more closely monitor hack attacks sparked by global events. During the war in Iraq, for example, more than 10,000 Web sites were defaced with political messages condemning or supporting the war. "The Internet brings protests anywhere in the world to your doorstep," says Mark Rasch, former head of the Justice Department's computer-crimes unit. "It doesn't matter if activists are in Tiananmen Square or Times Square, the Internet makes world events very local."
Illustration by Gerard Dubois