Friday, March 6, 2009

Cyber warfare – how secure are your communications?

Written by Mike Simms

Almost every week the media reports on negligent loss of data, much of it highly sensitive. Perhaps with so many people using so much data in so many different places we should not be so surprised.

Today more and more organizations – emergency services, government departments and financial institutions – hold information nationally and access it nationally, and, in some cases, offshore it.

There is relatively little offshoring of information by government. But corporate organizations, credit helpdesks and so on hold their customer relations management overseas.

They share information over the web with a vast number of IT systems and databases. It is almost impossible for anyone to know on what scale this information is accessible.

The aggregation of information, in itself, escalates the level of sensitivity. So there is greater risk of abuse or corruption, either intended or accidental, as in the loss of the child benefit database last year.

Unfortunately, shared technology increases risk, and criminals and vandals are using this same technology to remotely attack data systems. These attacks can be very successful, and by their nature make the deterrent of legal action more difficult.

We are faced with different threat levels to network-based information systems. These range from the careless user who leaves a disc on a train to foreign intelligence services who engage in cyber warfare against perceived enemies.

An example of the latter centres on the Russian incursion into Georgia in response, they said, to Georgia’s attack on the breakaway republic of South Ossetia. In the weeks leading up to this, Russia had disabled the Georgian president’s website with a massive spam attack – what is known in the trade as a ‘denial of service attack.’

So in the quest to satisfy the network-enabled world’s increasing demand for effective data protection, the first step is an accurate assessment of risk.

At the lowest level, but the most common source of threat, are the millions of users themselves. They might lose a data stick, leave a laptop on public transport, or write their password on a Post-it note and stick it on their computer screen!

Next up are the service providers. With outsourcing on the rise you need to be confident your service providers conduct rigorous processes in how they look after their networks and information.

Higher still are the amateur hackers, of which there are many, although they are opportunistic and will probably move on as soon as they hit a firewall.

At the pinnacle of threat are sophisticated hackers who are often linked to criminal gangs, and foreign intelligence services. These may be relatively few in number – but they have a lot of resources behind them, and therefore need correspondingly greater efforts to fight them.

Assessing the appropriate level of response for each of these threats is therefore the starting point to resolving the problem. There is no point in overkill: locking down a system so tightly that its usability suffers when the information it contains is fairly innocuous.

When it comes to protecting our data many of us, it seems, are still stuck in the Dark Ages. People think IT protection is just about the computer. It is not the computer but the system it is running on that is most vulnerable. We now need to concentrate on how to secure information as it is being transported across networks.

Putting all the necessary protection into computers would be expensive, so it is important to make sure that computers can operate on secure and trusted networks, given the way we work today: using laptops and working away from the office, all over public networks.

In Britain, sophisticated information assurance services are being developed which span cryptography, computer network defence, intruder detection and business continuity.

Computer network defence is the front line of cyber warfare. For some clients such as government, banks and financial institutions this means real-time 24/7 activities manned by people in special trusted locations, and constant updating of threats.

It is vital to know what level of protection you need. But however good your information assurance is, if someone else has not taken adequate steps they are the weak link and your data is vulnerable because of them. In this network-enabled world we all depend on each other as never before.
