[ISN] Hackers getting harder to keep out: survey

Tue May 25 02:19:00 EDT 2004

http://www.smh.com.au/articles/2004/05/25/1085442111470.html

Gold Coast
May 25, 2004

Malicious attackers are getting faster and harder to keep out of
corporate and government systems, a major conference on computer crime
was told yesterday.

The Computer Crime and Security Survey, released at the AusCERT 2004
Asia Pacific IT security conference on the Gold Coast, also showed
that efforts to date had failed to reduce the risk of break-ins, with
harmful attacks on computer systems in Australia increasing over the
past year.

The anonymous survey of more than 200 businesses and government
agencies was compiled with assistance of state police forces, Federal
Police, the Australian High Tech Crime Centre and the national
computer emergency response team, AusCERT.

AusCERT general manager Graham Ingram said despite businesses spending
more money fighting computer crime over the past year, only five per
cent believed they were managing all computer security issues
reasonably well.

"Corporate Australia is having problems dealing with these issues,"  
said Ingram. "It's telling you how difficult this issue is.

"The message to the companies that are running these systems is to
keep going. You can't stop. You have to continue. This is a war you
can't afford not to fight."

The most common and costliest attack on computer systems over the past
year was from malicious viruses, worms or trojans with the average
loss for all types of electronic computer attacks up 20 per cent to
$116,212.

Mr Ingram said the survey showed that hackers were able to exploit
vulnerabilities faster than ever before and were quicker to react to
security fixes or patches designed to keep them out.

"You are in this race to get this fixed. That window used to be weeks
or months, it's now down to hours and days," he said. "It's an arms
race."

Australian High Tech Crime Centre director Alastair MacGibbon warned
hackers were widening their targets from online banks to home users in
an attempt to gather passwords and other sensitive information.

"We need to reach millions of end users to have anti-virus software
and firewalls on their home computers," he said.

The High Tech Crime Centre has noted that computer criminals were
combining the skills of spammers, malicious code writers and criminal
fraudsters to launch attacks.

In one case a home computer in Perth was identified as being involved
in the theft of money from seven bank customers. An investigation
found that criminals from overseas had used a virus to gain control of
the computer and carry out the thefts.

The AusCERT conference ends on Thursday.