Page last updated at 21:18 GMT, Tuesday, 21 April 2009 22:18 UK

Call to rally against cyber crime

By Maggie Shiels
Technology reporter, BBC News, San Francisco

X-ray of hands on keyboard
Data stored online is said to be the number one focus of breaches

Security professionals are being called on to band together to fight the highly organised cyber criminals of the world.

The call was made at a San Francisco conference organised by security firm RSA - the largest event of its kind.

RSA President Art Coviello said the online fraudsters "are not bound by any rules of law" and "control massive armies of zombie computers".

Recent reports claimed cyber criminals had infiltrated everything from the US power grid to the Pentagon.

In his keynote speech to the conference, Mr Coviello urged the industry not to underestimate the global cyber security threat and the sophistication of criminals.

"Our adversaries operate as a true ecosystem that thrives through interdependence and constantly adapts to ensure its growth and survival.

Mr Coviello said that meant it was time for the security industry to come together to defeat the criminal element at large.

"We must evolve from acting independently to solve discreet information security problems to acting collaboratively to create a common development process.

'Anyone can be a victim'

Statistics revealed at the conference show how the internet is increasingly being used by online fraudsters.

Sophos, a security software company, said a web page was infected every 4.5 seconds and that every day more than 20,000 new samples of malware were discovered.

Symantec, one of the biggest security software firms in the world, said it had blocked 245 million attacks per month in 2008 - roughly 200,000 attacks every half hour.

RSA conference
Symantec said 90% of attacks target confidential information

"Information is the most valuable thing we protect," said Symantec CEO Enrique Salem.

"Attackers are shifting their approaches. They are moving away from the idea of mass distribution to a few threats being distributed to what we call micro-distribution where there are millions of distinct threats.

"They are targeted at individuals. They are targeted at trying to steal confidential information. Anyone can be a victim," warned Mr Salem.

The trend away from random attacks to more targeted ones was echoed by Microsoft's Scott Charney.

"We have seen over the years that the internet has become much more focused in terms of bad guys going after medical records, financial data and now you see widely reported nation state attacks," he said.

"We have everything from randomised criminals who are opportunistic to organised crime and that creates a huge challenge for the internet community," Mr Charney added.

At the RSA conference, Microsoft revealed it was testing some of its new identity-based security technology in Washington State schools, where students and teachers will be able to securely access grades and class schedules.

About 50 schools and 24,000 pupils are taking part in the pilot using the company's Geneva claims-based identity platform.


At the conference, RSA President Mr Coviello suggested a number of ways the industry could come together to mitigate the cyber security threat.

RSA President Art Coviello
Mr Coviello said the global cyber threat continues to escalate

He outlined three key practices that included collaborating on standards, sharing technologies and integrating technologies and controls into the infrastructure.

Brett Galloway, Senior Vice-President of Cisco's Wireless Technology Group, agreed with that collaborative approach and said it was already happening to some degree.

"The work that goes on between the companies, the standards and the work that goes on between companies operationally to integrate, inter-operate and make sure that our customers bring these solutions together is actually quite profound and important.

"We clearly live in an era of increasing sensitivity and increasing threat not only from commercial bad guys but other sorts of bad guys as well," noted Mr Galloway.

Microsoft's Mr Charney said he was confident the industry would band together for one very clear reason.

"I think when you have a common enemy, which is what the cyber criminal is, it really galvanises organisations to work closely together."

Mr Coviello was just as optimistic and pointed out to the audience that by joining forces they increase their prospect of success.

"There's an African proverb that advises, 'If you want to go fast, go alone; if you want to go far, go together'," Mr Coviello concluded.

Print Sponsor

Spies 'infiltrate US power grid'
09 Apr 09 |  Technology
Security experts eye worm attack
31 Mar 09 |  Technology
Nato's cyber defence warriors
03 Feb 09 |  Europe
Trojan virus steals banking info
31 Oct 08 |  Technology
Cyber criminals to target mobiles
21 Apr 08 |  Technology
Internet Day highlights web risks
12 Feb 08 |  Technology
Workers 'stealing company data'
23 Feb 09 |  Technology

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Americas Africa Europe Middle East South Asia Asia Pacific