It's War! Says Cyber Experts

FOLLOWING the recent stunning revelation that Russian crooks have stolen 1.2 billion user names and passwords, the biggest breach on record, experts say making the internet more secure will take a massive global effort. EVERYTHING from bolstering website security to a stronger push to prosecute the criminals, to better vigilance by consumers, will be needed. How much all this might cost is unclear, with some experts estimating it could take billions of dollars, while others insist it's more a matter of redirecting what already is being spent toward more fruitful areas. But even then, critical information on the internet may never be entirely safe, given the growing sophistication and ability of hackers to find new ways to steal it.

The attack by a Russian gang, uncovered by a Milwaukee security firm, has inflamed concerns about data protection on the internet and whether the security practices of thousands of companies around the world are sufficient to protect the financial and personal information of consumers. Security experts say businesses need to take the lead in tackling the threat, particularly since the software and computerised gadgets they make to access the internet are frequently riddled with weaknesses hackers can exploit. "There is zero or very little corporate responsibility being taken to insure products in the market are safe," said Melissa Hathaway, a former top federal cybersecurity official with the National Security Council and the Office of the Director of National Intelligence. "If we continue to see the market the way it is, we'll see more victims."

Critics have faulted many companies for being slow to address their cyber vulnerabilities, because of factors ranging from ignorance about the extent of their flaws, to the cost associated with patching them. Alan Paller, director of research at SANS Institute, an organisation that trains computer-security experts, said that because software can be easily manipulated by crooks, it's essential to either make programmers responsible for the financial damage that results when their code is hacked, or at least make them demonstrate they know how to write safe software through a skills test. Paller said companies also need to improve the ability of their security staff to deal with cyber crooks who sneak into the corporate networks. "I don't think they know how to do it in many cases," he said. Companies should also stop wasting money writing security-related reports - some of which are required by the federal government - and focus more on actually battling hackers. Fixing this problem would not cost all that much says Dennis Meharchand, CEO of Valt.X Technologies. If every computer and server had Valt.X installed, their vulnerabilities would disappear overnight. Valt.X can be added to a system, on an industrial scale, at a cost of less than $10 each.


Read the full article in

Comments are closed for this article.