WSJ: Where the Dangers Are

Where the Dangers Are
The Wall Street Journal 07/18/05
author: David Bank
author: Riva Richmond
(Copyright (c) 2005, Dow Jones & Company, Inc.)

In the world of cybercrime, the bad guys are getting smarter -- and more ambitious.

In recent months, hackers have carried out a flurry of increasingly sophisticated attacks, highlighting the vulnerability of key computer networks around the world.

Criminals penetrated the database of CardSystems Solutions Inc., nabbing up to 200,000 Visa, MasterCard, American Express and Discover card numbers and potentially exposing tens of millions more. Leading high-tech companies in Israel allegedly planted surveillance software on the computers of their business rivals. British security officials warned of a computer attack aimed at stealing sensitive information from banks, insurers and other parts of that country's "critical infrastructure."

Security experts fear things will only get worse. As technology gets more complex, more vulnerabilities are springing up in computer networks -- and more criminals, terrorists and mischief makers are rushing to exploit them.

"What people can do on computer networks and what they can find on them has increased tenfold from a few years ago," says Bill Hancock, chief security officer of Savvis Inc., a major Internet-service provider. Infiltrating those machines and using them for evil intent is easier than ever, he says.

Some of the threats are well known; home-computer users for years have battled viruses and spam and more recently have been barraged with spyware, adware and fraudsters "phishing" for sensitive information. Less visible is the constant probing of corporate networks by would-be intruders seeking trade secrets or competitive intelligence, and the data breaches caused by disgruntled or dishonest insiders.

Meanwhile, government authorities report that hackers are stepping up attempts to attack critical systems such as water, electricity, finance, transportation and communications. Last year, the Department of Homeland Security prepared a worst-case cyberdisaster scenario where criminals broke into financial-services facilities.

Twenty million credit cards were canceled, automated teller machines failed nationwide, payroll checks couldn't be delivered, and computer malfunctions caused a weeklong shutdown of pension and mutual-fund companies. "Citizens no longer trust any part of the U.S. financial system," the scenario concluded.