Forwarded From: Nicholas Charles Brawn <ncb05@uow.edu.au>
23Apr98 UK: HACKERS SHOOT DOWN BIG GUNS.
By DAVID BICKNELL US View.
Security issues may not be very sexy, but a very real alternative is to
fall prey to hackers. Don't kid yourself that it couldn't happen to you
It is the doomsday scenario that no user - or supplier - dares to
contemplate. Blue-chip giants such as General Motors, Exxon and Bank of
America all find their corporate systems at risk because they have bought
compromised products from a computer company that has fallen victim to an
organised crime operation.
Meanwhile, the computer supplier's operations have been undone by changes
at the top, which give it a more marketing-oriented rather than technical
focus. Also there is not enough scrutiny of user passwords, which remain
either unchanged or left on sticky yellow notes on users' desks.
The direct mailing operations of the supplier, Houston-based Simtec, are
also compromised by the rogue organisation. It gets hold of Simtec's
mailing list and sends out a dodgy patch on official documentation, which
is promptly installed by thousands of users. Payment of a $1m 'ransom',
which becomes $5m, then $10m, would solve Simtec's problems, but it
declines to pay.
Of course, the networks security manager is immediately under severe
pressure to explain how the hackers gained access to the systems. And the
manager charged with turning round the company's direct-mailing operations
hit by Dell's success finds his sales and order delivery systems down. Then
an outside specialist security troubleshooter is hired to get to the root
of the problems.
Eventually, it turns out the whole scam was organised by one of Simtec's
disaffected executives. All sound far-fetched?
Well, it is from a fictional book, Bad Memory, written by a security
expert, Duane Franklet. But the network security concepts, and the
understanding of the potential effect on users of the company's products,
suggest that the novel is based on real-life problems.
It is worth persuading any IT manager, director or board-level executive to
read it to get them to understand what could befall your company. You can
get a copy in a couple of days from the Amazon.com Web site, assuming
you're not so security conscious you'd decline to give your credit card
details.
US cities are so short of industrial land that businesses are turning to
purpose-built high-tech buildings to offer them mission-critical Internet
and data access operations they can trust.
These 'cyber buildings' for both business and residential use have begun
springing up, building on the model offered by the Information Technology
Centre in Manhattan.
Originally an empty building, the centre was rewired with all mod cons, and
is now fully leased. Copy-cat structures such as Grand Millennium Building
on the Big Apple's Upper West Side, the Home Savings Tower, and 101 West
Broadway in San Diego also get a complete package offering satellite
access, single and multimode fibre optics, high-speed Internet connection
and videoconferencing facilities.
The idea, according to urban developers, is to create vertical high-rise
campuses rather than a horizontal sprawl.
And it has coined a new service. The janitor has been replaced by the
'cyber cierge', offering technical support. Even the term has been
trademarked by one savvy Internet service provider.
Only in America ...
COMPUTER WEEKLY 23/04/98 P30
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Dimensional Communications (www.dim.com)
Received on Thu Apr 23 17:05:13 1998