Europe South Asia Asia Pacific Americas Middle East Africa BBC Homepage World Service Education

Front Page



UK Politics







Talking Point
On Air
Low Graphics

Thursday, October 29, 1998 Published at 09:47 GMT


Hacking usually "an inside job"

Hackers face firewalls and intrusion monitoring on well-protected sites

By Internet Correspondent Chris Nuttall

A conference on computer security in London has been warned that companies face a bigger threat to their networks from their own employees than from hackers.

BBC Internet Correspondent Chris Nuttall assesses the threat posed to e-commerce by hackers
The organisers, Diligence Information Security, say about 70% of security breaches are committed by staff. Many are disgruntled workers who fear redundancy.

In a recent case, a member of staff who feared he was about to lose his job used a hacking program to wipe out his company's central database after his name was removed from the payroll list.

The conference was given demonstrations of hacking and e-mail forgery and virus attacks on systems. Stephen Cobb, a leading information security specialist, said his own company had been asked to test security on 50 sites in the past 18 months and had been 100% successful in breaking in with fairly simple hacking techniques

Chris Nuttall reports on ethical hacking for 5 Live
This 'ethical hacking' is a booming industry and many hackers themselves maintain that they are acting ethically in exposing security holes in networks. One delegate at the conference said there was a skills shortage and ex-hackers were readily employed by security firms, even to the extent of those with criminal records.

Scanning for security

Methods to counter security breaches are becoming increasingly sophisticated. The Atlanta-based Internet Security Systems (ISS) has grabbed a significant share of the market with its adaptive network security product suite.

Software scanners find and fix any vulnerabilities in a network while a real-time intrusion detection system analyses traffic for any signs of suspicious activity.

[ image: Klaus: Information warfare is coming]
Klaus: Information warfare is coming
ISS was founded by 25-years-old Chris Klaus, who developed the basic scanning software in 1992, working on the product as a student at Georgia Tech and then working out of his grandmother_s home after he left college in his first year.

The effort paid off in a big way in March this year when ISS went public and Chris found himself worth $180m almost overnight.

The company now employs around 160 people including a research and development group known as the X-force, which has consulted for the FBI on security issues.

Other blue chip clients include Microsoft, EDS, Lockheed Martin, major commercial banks and the US army and airforce. Chris says the armed forces are becoming increasingly aware of how information warfare can be waged over networks.

ISS_s headquarters is stacked with networked computers in every conceivable configuration to check for possible weaknesses. A school for cyber security guards instructs workers on the latest techniques.

While ISS has turned network security monitoring into a science, there is still some tongue-in-cheek reliance on less conventional methods. Gargoyles hang from the walls of the modern offices to ward off evil spirits, high-powered water pistols are in evidence and there is even a pet tarantula spider called Calica if all else fails to scare the hackers away.

Advanced options | Search tips

Back to top | BBC News Home | BBC Homepage | ©

Sci/Tech Contents

Relevant Stories

23 Oct 98 | Sci/Tech
Net warfare over Kosovo

24 Oct 98 | Monitoring
Cyberwarfare breaks out on internet

18 Sep 98 | Americas
Pentagon gets Web worries

29 Oct 98 | Sci/Tech
Hackers hit New York Times

07 Aug 98 | Sci/Tech
How the Web grabs you

Internet Links



2600 Hackers' Quarterly


The BBC is not responsible for the content of external internet sites.

In this section

World's smallest transistor

Scientists join forces to study Arctic ozone

Mathematicians crack big puzzle

From Business
The growing threat of internet fraud

Who watches the pilots?

From Health
Cold 'cure' comes one step closer