Internet Security--A Plan of Attack
There has been a string of incidents in which computer hackers attacked prominent e-commerce sites. The experts hope the incidents serve as a wake-up call.
BY CHRISTOPHER CORNELL
Not many weeks ago, you could scarcely watch a TV newscast without hearing breathless reports of prominent e-commerce sites being attacked by mysterious, unidentifiable "computer hackers." The stories probably sent chills down the spine of many a CEO whose company has recently ventured out onto the World Wide Web. After all, many of them must have said to themselves, if Internet stalwarts like Yahoo! and eBay can be victims, how can I possibly be safe?
Still, many of the news reports were more sensational than they needed to be. The recent attacks, while frustrating for e-commerce customers, did not actually damage computers, destroy data or compromise confidential files.
In fact, in the recent "denial of service" (DOS) cases, the only computers actually broken into were obscure collegiate computers, which were then used to tie up the e-commerce sites by sending thousands upon thousands of messages to them. It's a bit like somebody using a stolen calling card to call your customer service department, only to hang up, over and over again. The distraction would prevent your staffers from attending to legitimate customers, but it would not injure your employees or damage your equipment.
"In many cases, the mechanisms of the attack are pretty simple," observes Jack Danahy, president of Waltham, MA-based Information Protection Technologies, which produces system security products (they are found on the Web at iprotechnologies.com). "The news reports don't represent accurately the fact that these attacks are not the work of geniuses, but rather the simple execution of some well-known tool by what is probably some disenfranchised adolescent."
Larry Slotnick, vice president of engineering at Palo Alto, CA-based Noosh Inc.—developer of the Internet-based print production solution found at Noosh.com—agrees that some of the news coverage has been "overly alarmist. Web software tools will evolve to monitor and avoid attacks of this sort in the future," Slotnick predicts.