Internet Security--A Plan of Attack
June 2000
|
There has been a string of incidents in which computer hackers attacked prominent e-commerce sites. The experts hope the incidents serve as a wake-up call.
BY CHRISTOPHER CORNELL
Not many weeks ago, you could scarcely watch a TV newscast without hearing breathless reports of prominent e-commerce sites being attacked by mysterious, unidentifiable "computer hackers." The stories probably sent chills down the spine of many a CEO whose company has recently ventured out onto the World Wide Web. After all, many of them must have said to themselves, if Internet stalwarts like Yahoo! and eBay can be victims, how can I possibly be safe?
Still, many of the news reports were more sensational than they needed to be. The recent attacks, while frustrating for e-commerce customers, did not actually damage computers, destroy data or compromise confidential files.
In fact, in the recent "denial of service" (DOS) cases, the only computers actually broken into were obscure collegiate computers, which were then used to tie up the e-commerce sites by sending thousands upon thousands of messages to them. It's a bit like somebody using a stolen calling card to call your customer service department, only to hang up, over and over again. The distraction would prevent your staffers from attending to legitimate customers, but it would not injure your employees or damage your equipment.
"In many cases, the mechanisms of the attack are pretty simple," observes Jack Danahy, president of Waltham, MA-based Information Protection Technologies, which produces system security products (they are found on the Web at iprotechnologies.com). "The news reports don't represent accurately the fact that these attacks are not the work of geniuses, but rather the simple execution of some well-known tool by what is probably some disenfranchised adolescent."
Larry Slotnick, vice president of engineering at Palo Alto, CA-based Noosh Inc.—developer of the Internet-based print production solution found at Noosh.com—agrees that some of the news coverage has been "overly alarmist. Web software tools will evolve to monitor and avoid attacks of this sort in the future," Slotnick predicts.
But in the meantime, nobody is recommending complacency. Some recent studies have shown that many e-commerce customers will migrate quickly to a competitor if they cannot get the service they want, at the moment they want it. To compound this problem, the research also indicates that this momentary change of direction often results in continued patronage to the new site. But this is not the only kind of attack that's possible.
BY CHRISTOPHER CORNELL
Not many weeks ago, you could scarcely watch a TV newscast without hearing breathless reports of prominent e-commerce sites being attacked by mysterious, unidentifiable "computer hackers." The stories probably sent chills down the spine of many a CEO whose company has recently ventured out onto the World Wide Web. After all, many of them must have said to themselves, if Internet stalwarts like Yahoo! and eBay can be victims, how can I possibly be safe?
Still, many of the news reports were more sensational than they needed to be. The recent attacks, while frustrating for e-commerce customers, did not actually damage computers, destroy data or compromise confidential files.
In fact, in the recent "denial of service" (DOS) cases, the only computers actually broken into were obscure collegiate computers, which were then used to tie up the e-commerce sites by sending thousands upon thousands of messages to them. It's a bit like somebody using a stolen calling card to call your customer service department, only to hang up, over and over again. The distraction would prevent your staffers from attending to legitimate customers, but it would not injure your employees or damage your equipment.
"In many cases, the mechanisms of the attack are pretty simple," observes Jack Danahy, president of Waltham, MA-based Information Protection Technologies, which produces system security products (they are found on the Web at iprotechnologies.com). "The news reports don't represent accurately the fact that these attacks are not the work of geniuses, but rather the simple execution of some well-known tool by what is probably some disenfranchised adolescent."
Larry Slotnick, vice president of engineering at Palo Alto, CA-based Noosh Inc.—developer of the Internet-based print production solution found at Noosh.com—agrees that some of the news coverage has been "overly alarmist. Web software tools will evolve to monitor and avoid attacks of this sort in the future," Slotnick predicts.
But in the meantime, nobody is recommending complacency. Some recent studies have shown that many e-commerce customers will migrate quickly to a competitor if they cannot get the service they want, at the moment they want it. To compound this problem, the research also indicates that this momentary change of direction often results in continued patronage to the new site. But this is not the only kind of attack that's possible.
|
Print Production Workflow: A Practical Guide
The Ultimate Guide to Multi-Channel Communications Solutions
