Hackers present security nightmare
You have no credits left. To view this article subscribe to Business News.
You have used {{points}} and have {{current_points}} remaining. Your credits will reset on {{reset_date}}.
This article is part of a special report and is available to paid Business News subscribers only.
You can purchase access to this special report or subscribe to Business News.
You can purchase access to this special report or subscribe to Business News.
This article is premium content and is available to paid Business News subscribers only.
Subscribe to Business News.
Subscribe to Business News.
Tuesday, 8 June, 1999 - 22:00
Category:
TOO many companies falsely believe they are safe from computer hacking but it is a real and growing threat to business – and Australia is recognised as having some of the world’s most skilled hackers.
Already several internet service providers in Sydney and New Zea-land have been electronically flooded by competitors, disrupting their ability to serve their clients.
The Liberal Party website was hacked and altered during the recent Federal election.
NATO’s website fell victim to Serbian hackers at the beginning of the Kosovo crisis.
Dutch hackers managed to steal the battle plans for Operation Desert Storm before the campaign began. However, the Iraqi Government refused to buy the plans, believing they were fake.
The US Army director of information systems said he was considering taking most of his agency’s critical systems offline.
This is just the tip of the iceberg.
Engineering consultant CCD Eng-ineering Australia managing director Kerran Campbell said a number of big companies had been nailed by hackers and not reported it.
“They just find the loophole the hacker used and close it. They don’t want the embarrassment,” Mr Camp-bell said.
Edith Cowan University Manage-ment Information Systems associate head of school Bill Hutchinson surveyed 528 companies in WA and Victoria and found very few were conscious of the potential dangers from computer hackers.
It seems many companies believe computer hackers are just computer obsessed teenagers.
Mr Hutchinson said the stereotype existed but there was a fast growing threat from organised crime and terrorist elements.
He said many companies relied solely on passive computer security measures such as firewalls.
“Passive security measures are not going to stop determined people,” Mr Hutchinson said.
“As more businesses become electronically based, aggressive business practices are going to take on an electronic form.
“People are putting their trust in legislation to deter hackers and believe ethical business practices mean people won’t do it. That’s a huge leap of faith.”
Mr Hutchinson said the most dangerous form of hacking was the insidious kind.
“Anyone involved in intelligence or information warfare would say the best attack is the one you don’t know has happened,” he said.
“A competitor can use information warfare to change customers’ perceptions of a company.
“There have been cases of competitors diverting customers from a competitors website to a dummy site.
“Companies need to be more proactive. They need to be able to out-think their attackers.”
Mr Campbell said companies were often their own worst enemies.
“Some people use passwords that are so basic, such as their car registration number or their surname or their wife’s name,” he said. “Passwords are written on yellow sticky labels and stuck to the computer.”
Perhaps the greatest threat for electronic attack is from within.
The case of former Australian Defence Intelligence Organisation official Jean-Philippe Wispelaere shows how easily employees can remove sensitive information for their own gain.
Mr Wispeleare was caught in a Federal Bureau of Investigations sting when he tried to sell sensitive documents he had obtained from the ADIO.
Mr Campbell said one of the hardest things to detect was a disgruntled employee with malicious intent towards his or her employer.
Already several internet service providers in Sydney and New Zea-land have been electronically flooded by competitors, disrupting their ability to serve their clients.
The Liberal Party website was hacked and altered during the recent Federal election.
NATO’s website fell victim to Serbian hackers at the beginning of the Kosovo crisis.
Dutch hackers managed to steal the battle plans for Operation Desert Storm before the campaign began. However, the Iraqi Government refused to buy the plans, believing they were fake.
The US Army director of information systems said he was considering taking most of his agency’s critical systems offline.
This is just the tip of the iceberg.
Engineering consultant CCD Eng-ineering Australia managing director Kerran Campbell said a number of big companies had been nailed by hackers and not reported it.
“They just find the loophole the hacker used and close it. They don’t want the embarrassment,” Mr Camp-bell said.
Edith Cowan University Manage-ment Information Systems associate head of school Bill Hutchinson surveyed 528 companies in WA and Victoria and found very few were conscious of the potential dangers from computer hackers.
It seems many companies believe computer hackers are just computer obsessed teenagers.
Mr Hutchinson said the stereotype existed but there was a fast growing threat from organised crime and terrorist elements.
He said many companies relied solely on passive computer security measures such as firewalls.
“Passive security measures are not going to stop determined people,” Mr Hutchinson said.
“As more businesses become electronically based, aggressive business practices are going to take on an electronic form.
“People are putting their trust in legislation to deter hackers and believe ethical business practices mean people won’t do it. That’s a huge leap of faith.”
Mr Hutchinson said the most dangerous form of hacking was the insidious kind.
“Anyone involved in intelligence or information warfare would say the best attack is the one you don’t know has happened,” he said.
“A competitor can use information warfare to change customers’ perceptions of a company.
“There have been cases of competitors diverting customers from a competitors website to a dummy site.
“Companies need to be more proactive. They need to be able to out-think their attackers.”
Mr Campbell said companies were often their own worst enemies.
“Some people use passwords that are so basic, such as their car registration number or their surname or their wife’s name,” he said. “Passwords are written on yellow sticky labels and stuck to the computer.”
Perhaps the greatest threat for electronic attack is from within.
The case of former Australian Defence Intelligence Organisation official Jean-Philippe Wispelaere shows how easily employees can remove sensitive information for their own gain.
Mr Wispeleare was caught in a Federal Bureau of Investigations sting when he tried to sell sensitive documents he had obtained from the ADIO.
Mr Campbell said one of the hardest things to detect was a disgruntled employee with malicious intent towards his or her employer.