Companies and the government can protect themselves from cyber-terrorism by ensuring that systems are truly secure.In the wake of the Sept. 11 terrorist attacks and the ongoing war in Afghanistan, the notion that cyber-terrorism is a real threat to the safety of U.S. citizens might seem far-fetched. But the potential for damage goes beyond simple e-mail viruses that disrupt computer users.
Days after U.S. air strikes began in Afghanistan, pro-Taliban hackers in Pakistan broke into Indian government computers and posted messages supporting Osama bin Laden. The group also vandalized three Web sites. While this act was labeled a “cyber protest” rather than cyber-terrorism, the ability to penetrate government systems and company networks is real.
According to a report by Gartner, a technology research firm in Stamford, Conn., cyber-terrorism will increase and “likely target U.S. government facilities, as well as infrastructure centers and nongovernmental organizations such as relief agencies.” Vital military information could be retrieved; communications systems and power grids could be sabotaged; airline passenger information accessed. Impairing these functions could mean loss of lives, especially if emergency services were disabled.
U.S. companies and the government can protect themselves from cyber-terrorism by ensuring that systems are truly secure. While reinforcing network firewalls and encryption is a good first step, protecting Internet applications is just as important. One company specializing in this type of online security is Sanctum.
Founded in Israel in 1997, Sanctum entered the U.S. market in 2000 and has approximately 175 customers worldwide. AppShield, Sanctum’s security product, stands behind the network firewall but in front of the Web site server. AppShield creates a security policy for every Web page it protects and compares user behavior against that policy. If a user tries to access password files or other information that is not permissible under Web page policy, AppShield blocks the action.
Just because a user passes through a firewall legally doesn’t mean he or she doesn’t have malicious intentions. “You can be an authenticated user and still be a hacker,” said Sanctum CEO Peggy Weigle.
In October 2000, when Palestinian hackers accessed Web pages at the Israeli military, parliament and Foreign Ministry sites, Sanctum was called in to prevent another attack. AppShield now runs on several Israeli government sites, including that of the Knesset.
“In Israel, security has been a core value from day one,” Weigle said. “Now the U.S. is seeing that if we are going to protect our infrastructure, security needs to become a core value here as well.”
While the likelihood of a major cyber-terrorist attack in the United States is not known, a recent report by the National Infrastructure Protection Center (NIPC) states that U.S. infrastructure is a certain target where the goal is “intentional destruction rather than public embarrassment or purely political statements.”
From Weigle’s point of view, the good news is that there definitely has been a trend in the United States toward beefing up company and government network and Internet security since Sept. 11. The key, she said, is to be proactive rather than reactive. “Organizations need to spend dollars on intrusion prevention, not just intrusion detection.”