Computer networks based on new technologies offer golden opportunities to criminals, says John Doody, a computer security expert at the Communications Electronics Security Group, part of GCHQ.
Talking at the Infosecurity 99 conference in London on Thursday, Doody said government must ensure the protection of the critical network infrastructure (CNI) - a vital network of computers belonging to the government and private sector organisations involved in telecoms, transport, financial services and the provision of energy and water - against attacks from the underworld.
Threats to the CNI could come from individuals, terrorist or state-sponsored organisations as well as international crime syndicates, Doody said. "It's important to know your enemy, but in this case we don't know who the enemy is," he said. Although the problem of electronic attacks on the CNI is small at present, it is steadily increasing as more and more government organisations depend on their computer systems and the connections between them.
An important part of CESG's protection strategy is a program called the IT Health Check, currently in a pilot phase. During the check, organisations' computer systems are probed for vulnerabilities using the same techniques that malicious hackers use. "Contrary to popular belief, we do not use teenage hackers. Our testers are all vetted and trusted," he said.
The aim is to identify and fix security holes before criminals find them, without causing damage to the systems. Doody said the probes also look for abnormal behaviour by computer users within the organisation and abnormal system behaviour.
The need for such checks is clear: recent checks on government and private sector organisations carried out by CESG during the pilot phase revealed thousands of idle accounts which could be exploited by intruders, passwords attached to terminals with post-it notes, terminals left unattended with root network privileges, and unrestricted access from the network to other networks. Failure to apply manufacturers' patches for known security weaknesses also left computer systems vulnerable.
The Defence Evaluation Research Agency also has a role to play in protecting the CNI, Doody said. DERA's Dr Bryn Hughes said the agency is developing advanced intruder testing which uses neural networks and artificial intelligence to simulate and detect attacks.
DERA has developed security technologies such as: directory boundary agents to restrict outsiders' access to network directory information; a "one way information diode" system to enable information from insecure networks such as the Internet to come into a secure network without allowing information out; and a domain-based security system which defines areas in which data can move about freely.