Internet Security--A Plan of Attack
"The worst type of attack is one that involves data compromise," Slotnick notes, adding that a hacker can gain 'read-only' access—meaning that he or she can read the information but cannot change it—or modification access.
"Either, potentially, is hugely destructive to a company, depending on the degree of sensitivity of the data. Critical information about a company's strategic plan can be extremely valuable to a competitor. Companies should think very carefully about how critical infor-mation is made available over the Web."
"The real threat for the future lies in less well-known attack types where actual content is altered or services are rendered inoperable through machine changes," agrees Danahy. "In these cases, simple network reconfiguration cannot solve the problem. Entire systems will need to be reloaded and corruption reversed."
Could this happen to you?
"The threat is very real," Danahy says, and he has a list of things a CEO should know—or find out—about his e-commerce system.
The first question, he says, is: "Where are we hosting? If it is internal, do we have a firewall? Even if the Website is hosted externally, what about internal servers? Are they protected by a firewall?
"Second, who knows the root passwords, and where are they stored? The most common security breach is internal!
"Third, what strategies are we using to compartmentalize and protect client files? Who internally has access to these servers? Could someone break in via our Internet connection?"
White recommends that CEOs ask the information technology (IT) professionals at their companies these and other questions about Internet security, and listen care-fully to the responses. He cautions that if the responses are any of the following, CEOs should be very concerned for their security:
I'm not worried because we're pretty small.
"Organizations are typically not attacked for their size, but rather because their address fell within a range of IP addresses being scanned by automated hacking utilities," White says.