Attacks on computer networks rank alongside terrorism as among the gravest threats to national security, the Government announced today. The elevated state of alert for cyber security comes ahead of the publication of a new National Security Strategy, which will form the background for Strategic Defence Review. The Government also announced £0.5bn extra funding for cyber crime prevention. By Helen Beckett [Published 21/10/2010]
Next Pearl Harbour
Cyber crime has been identified as a "new and growing" danger by the Home Secretary, Theresa May. She cited research which found that 51% of malicious viruses identified last year were new, in an interview on the BBC’s Today programme.
Malcolm Rifkind, chairman of the cross-party Intelligence and Security Committee, commented that the US believes that a cyber attack could represent ‘its next Pearl Harbour’.
The dramatic upgrading of cyber crime on the political radar comes as no surprise to those in information security jobs who police the networks of UK business and government. “The Government has to ensure that the nation is secure from foreign threat and the defence of the realm, nowadays, has to include computer-based attack”, said David Emm, senior researcher with Kaspersky Lab.
Threat to fragile economy
Additionally, cyber crime against the economy also represents an increased threat to national security during a recession, when it has more power to hurt, pointed out Emm. “Public qualms about shopping or transacting online could further damage an already fragile economy”. This concern was first raised by the House of Lords Science and Technology Committee.
Emm said that while security may ‘feel the pinch’ during the recession like other departments, IT managers no longer have to make the case for security to the board of directors. In the last five years, cyber crime has evolved from cyber vandalism to a means of conducting organised crime, and IT professionals from system administrators to network engineers should up their security knowledge, he said.
New security models sought
Security conferences in London and Berlin last week debated different models that would ensure a more coherent approach to monitoring multiple threats, which include botnets, trojans and viruses. Microsoft has published a white paper, Public Defense that examines the use of a public health model that would quarantine infected devices, for example.
While the public health model of security has salient points such as raising public awareness and prescribing good security behaviour, it is ‘an unenforceable ideal’, said Kevin Whelan, CTO ITC Global Security.
“A computer virus is not like an organically evolved virus – it is built to specifically attack a target, and therefore has a specific remedy”. Whelan added that the criticality of cyber security warrants its own model.
People will always be the weakest link in the battle to protect corporate information and data from attackers, says Giri Sivanesan, CISSP and CLAS consultant at Pentura. “Attacks by hackers on businesses are increasingly being committed with a similar modus operandi to corporate espionage carried out by foreign states and state sponsored attackers”.
Search CWJobs for IT security jobs.
