Firms tackle cyber-sabotage

The shadowy world of internet revenge

By Maggie Shiels in San Francisco

Cyber-sabotage is regarded as one of the business world's dirty little secrets.

And it's one that is increasingly coming to light in the wake of scandals like Enron, Global Crossing and WorldCom.

The US recession and the thousands of lay-offs that have resulted have also forced the issue centre stage.

There is a worrying tendency for disgruntled employees to take their venom out on former employers by going back into the company system with their valid ID access codes to create chaos.

And that has created the business of trying to prevent such potentially damaging occurrences.

Terrorism fears

Jeff Drake is the co-author of a book called Security Provisioning and also the executive vice president of Access 360, a company that ensures that the right people in an organisation have access to the right computers and other secured information.

Jeff Drake: Trying to keep the wrong people out

At the same time, Access 360 also keeps the wrong people out.

Those can include people like hackers, former and current workers with a grudge and also those interested in cyber-terrorism, something that has become a viable threat in the wake of the 11 September attacks.

"This is a very serious problem and also one that is difficult to detect if ex-employees leave and their accounts or access rights remain," said Mr Drake.

"That means you can go back and access them at any time and it's undetectable because you are a valid user within the enterprise."

FBI help

One of the more high profile cases is that of Global Crossing where a former unhappy worker spent five months collecting and then listing the names, social security numbers and birthdates of all 8,000 Global Crossing employees on his website.

I think that companies are embarrassed and that's why they are not coming out to say how bad the problem is

Jeff Drake
Access 360

The company is reported to be pursuing civil and criminal action and the police and FBI are also investigating.

In May of this year, Ford Motor Company revealed that someone posing as an employee had collected the work and home addresses, social security numbers, account numbers and credit histories of 13,000 people over an eight-month period.

Again the FBI is involved.

Mr Drake says these incidents are all too common but they're not often publicised.

Secret trouble

"I heard about one case where someone was sacked from a company, they went back in and wreaked some havoc based on their valid user ID that was never removed.

"The corporation went to sue the individual and the individual sued the corporation.

"But the corporation paid the individual money to settle the lawsuit so it never went into the press.

"So I think that companies are embarrassed and that's why they are not coming out with statistics to say how bad the problem is."

Insider threats

A recent report by the Computer Security Institute found that 90% of businesses and government agencies detected security breaches within the last 12 months.

Their study also found that 44% of those taking part reported the loss at a total of over $455,000,000.

Patrice Rapalus, CSI Director, says their survey has challenged some of the profession's perceived wisdom, for example that the "threat from inside the organisation is far greater than the threat from outside the organisation".

"There is much more illegal and unauthorized activity going on in cyberspace than corporations admit to their clients, stockholders and business partners or report to law enforcement," said Mr Rapalus.

Terrorism fears

"Post 11 September, there seems to be a greater appreciation for how much information security means, not only to each individual enterprise but also to the economy itself and to society as a whole," he said.

Executive Assistant Director Bruce J Gebhardt, former Special Agent in-Charge FBI San Francisco, stresses the need for cooperation between the government and the private sector.

"The US's increasing dependency on information technology to manage and operate our nation's critical infrastructures provides a prime target to would be cyber-terrorists," he said.

Budget cut pressures

Mr Drake says cyber-sabotage can no longer be swept under the carpet but falling IT budgets and the demands of working in an e-business environment will only serve to make things worse if companies refuse to act.

"In order to stay in business, companies have to be able to keep up in the new economy and to do that they have to open up their systems.

"If you are a chief information officer at a big company, you are being pressured to open up your environment and let more people in, while on the other hand you are pressured to make sure no-one should see things they shouldn't.

"Then lay on top of that the macroeconomic environment and you have to somehow deal with all of this with half the budget you used to have," he said.