Institute Battles Cyberterrorism

To your list of year 2000 worries, add the possibility that a disgruntled employee has put a virus or Trojan horses into your code as part of his Y2K "remediation" effort.

Scanning remediated source code won't find the rogue software because it was added to your object code by a rigged compiler, according to security expert Alan Paller, research director at The SANS Institute in Bethesda, Md.

In a briefing to system and network administrators and security professionals here today, Paller outlined a number of scary scenarios -- some real, some hypothetical -- illustrating the risk systems face from "cyberterrorists." He demonstrated several powerful hacking tools that anyone can download from the Internet and apply with very little know-how. "How many years at MIT do you need in order to do that?" he asked. "Not many."

Consultants doing "penetration testing" for clients typically find from five to 30 vulnerabilities per system, Paller said. But administrators are often so overworked that they patch only a fraction of the holes found.

And administrators face other pressures. "Their bosses tell them, `Just get this one project done and then you can get back on security fixes,' '' Paller said. Complaints to management about a lack of resources to improve security "just sounds like whining," he added.

Paller said SANS -- an information-security education and research group -- recently teamed with security experts from government and industry to map out some practical steps to improving security. They are developing a three-level scheme that will help users take the easiest but most important steps first, he said.

Join the newsletter!

Error: Please check your email address.

More about MITSANS InstituteThe SANS Institute

Show Comments
[]