Middle East faces new security threat from computers


Apr 10 03:40 AM GMT


As Internet connections speed up in the Middle East and more firms start to rely on the Net for the day-to-day business, hackers will pose a more serious threat.

April 09, 2000, 11:23 AM

AMMAN (AROL) - Kuwait International Airport, Dubai Electricity and Water Authority and Lebanese computer company DigiSys, according to recent media reports, all have one thing in common, according to a press release.

[Image caption: Airports may be Vulnerable]

They've all been the subjects of recent Internet 'hacker' attacks: all three organisations have had their Internet websites compromised by hackers. It's a global problem, and a growing one, and no Middle East organisation can consider itself safe anymore.

As the Internet takes a more important role in everyone's lives, both at work and at play, security issues are hitting the headlines more and more often.

And yet despite the efforts of software vendors to keep up to speed with the fast-developing skills of hackers and crackers, breaches of security are taking place daily.

Despite fast-reacting vendors such as Microsoft posting updates and patches to their products for immediate download as soon as issues are known about, security breaches still take place. The rule appears to be that if man made it, man can break it.

One of the shocking facts of the Internet is that many administrators with responsibility for security seem to be trying almost willfully to make that process simple for the hacker.

Holes in the system

The best and most secure software on the market will not keep out a persistent 'cracker' if the system administrator overlooks installing important update patches, uses his own birth date as the server's password, leaves passwords where they can be accessed or doesn't have the experience to spot 'holes' in the system. "The worst mistake that any system administrator can make is overlook installing vendor patches or even use an easy-to-guess password," says William L. Fithen, senior technology analyst at the famed Computer Emergency Response Team (CERT), operated by Carnegie Mellon University.

"Mistakes like these are common," the technologist adds: "When there is no outlined emergency plan, and more important, no real security system, and when you add to that a lack of enough expertise to go around, compromises like these will repeat themselves."

It is exactly this lack of expertise that led to the establishment of CERT in the late 80s after the notorious "Morris worm" brought the Internet down. The centre specialises in dealing with security issues at a local, national and international level, and provides an important 'early warning' and fast response resource to the world's networked computing community: a community that is growing exponentially every day.

Since its foundation, CERT has handled crises like the Melissa and Chernobyl epidemics. But more recently, what has kept technologists awake at nights are the dreaded 'distributed denial of service' attacks, which clog incoming traffic to Internet sites, blocking genuine users from visiting the site. Lately, this method of security compromise has become a favorite among hackers. And it's not difficult to do.

Indeed, yahoo.com, one of the Net's most visited sites, went 'down' for three hours in February 2000, after hackers compromised the portal's defenses, denying access to millions of users.

Hackers find easier prey in the Middle East

Closer to home, in the Middle East, hackers have found easier prey, with defacements aimed at sites in Saudi Arabia and Kuwait. A popular public library website in the Gulf has been the target of an attack, as have companies in Lebanon. What's more, the attacks are potentially the tip of a sizeable iceberg according to CERT: "You can't avoid publicity when it comes to a website being compromised, because people are exposed to the compromised and changed website.

"The more insidious attacks are those where secure internal systems are hacked, and that has almost certainly been happening to a number of Middle East organisations," claims Fithen.

System administrators should not shoulder the blame for security compromises alone, according to Fithen. "Most vendors have created technology that is easy to use, but is not necessarily so easy to securely manage," the analyst notes. Fithen points out that this is what the technology vendors' customers are demanding, so the vendors do not have a business case to work on easily manageable systems.

This demands a higher level of expertise from administrators - an expertise that is all too rare in these days of global IT skill shortages. Added to this, many administrators can face resourcing problems: companies are simply not aware enough of the dangers to put money behind finding solutions. "This is especially the case when the solution is an intangible," says Fithen, "training, expertise and staying up to date are considered by many companies to be just that: intangible."

Meanwhile, as more users embrace high-speed networking solutions such as ADSL and cable modems, warns Fithen, "more systems will be available on the Internet to be compromised and possibly used in the distributed denial of service attacks launched against sites."

And as Internet connections speed up in the Middle East and more firms start to rely on the Net for the day-to-day business, hackers will pose a more serious threat. "With the increased dependence on networks and the Internet in particular, businesses must ensure that there is access to the information and services they intend to make available," Fithen says.

"They also need to ensure that the information they intend to protect and keep private is, indeed, protected at every level." Nevertheless, that is a difficult task: "This means that businesses must ensure that they keep current with technology security issues and that they have capable and highly trained system and network administrators who keep constantly up to date with issues, threats, fixes and techniques," the expert points out. "Each networked business must have sufficient funding and staffing to ensure that the system and network administrators can securely maintain business systems."

Fithen points to organisations that will spend tens of thousands of dollars on a safe, but deny a similar expenditure on computer security as being a typical example of making the hacker's life easy. "What is the value of data to a given organisation today? That value needs to be defined at the highest level.

"Organizations must determine their own risk. There are technology risks that all organizations using that technology face, and each organization must determine how to react to that risk with appropriate resources," Fithen adds.


-- Martin Thompson (mthom1927@aol.com), April 09, 2000


And, the Middle East is even more vulnerable than we are because it takes the U.S. vendors thirty days or more lead time to translate their defensive patches into Arabic.

-- Uncle Fred (dogboy45@bigfoot.com), April 10, 2000.
