TechEd 2007: Security should be taught in schools

TechEd IT Forum 2007

User education and better collaboration between all members of the industry is the key to tackling cyber-crime, according to Microsoft's chief security advisor in EMEA.

Roger Halbheer told vnunet.com at the TechEd IT Forum in Barcelona that Microsoft's latest biannual Security Intelligence Report shows a drop-off in operating system-level attacks and in an increase in hackers targeting application vulnerabilities.

However, Halbheer warned that vulnerabilities in the user mean that attacks are shifting from technology to social engineering.

The security chief pointed to an increase in phishing attacks of around 500 per cent in the past six months, as well as targeted Trojans which increased by 150 per cent.

Halbheer said that the key to tackling the increasing tide of cyber-crime is to work with different parties to raise awareness, and to track down and prosecute the criminals.

"Microsoft is working with Interpol to get the bad guys, because it is not enough just to protect yourself. We have to increase the cost to the criminals, including the possibility of being sent to jail," he said.

Law enforcement agencies are facing challenges in trying to break these rings of cyber-criminals, but Halbheer believes that there is increasing understanding of the crimes and the way these organisations operate.

But there are legal issues that hamper international investigations, including inconsistent legislation and differing definitions across different countries.

Collaboration between the public and private sectors is also necessary, Halbheer stressed.

Research shows that countries with closer partnerships between government and business suffer fewer attacks because companies are more comfortable turning to the government for assistance and guidance.

Halbheer added that user education is key to tackling many of these security issues and is the joint responsibility of corporations, government and the media.