Politics and profit set stage for Internet security disaster
LAS VEGAS (AFP) - The Internet is ripe for hacking chaos and rampant crime due to serious computer defense flaws, specialists told cyber security experts from around the world at a major conference here.
The experts who met at the Black Hat digital self-defense conference in Las Vegas also heard from US counter-terrorism czar Richard Clarke, who blasted what he described as President George W. Bush's lack of interest in enhancing the nation's cyber security.
A dark secret is that the companies devoted to defending systems have "massive security problems" of their own and most react to attacks instead of predicting and preventing them, said Dinis Cruz of London-based Ounce Labs.
"The big question is will the perfect storm occur," Cruz told AFP.
"I wish a bunch of kids would just bring this thing whole down because it would really help us to understand the level of mess we are in."
Internet browsers can be used by hackers to get into computers and take control, sessions at Black Hat revealed.
Hackers are increasingly using software commonly used when sharing text, video and music files to hide and deliver malicious codes that infect machines.
"The industry is in a very reactive mode at the moment," Cruz said.
"A lot of the stuff we have here is quite immature because we don't have proper attackers. We are waiting for a new generation of attackers that can exploit our vulnerabilities."
Software developers are under pressure to quickly produce programs at low cost, making thwarting abuses by evil doers a low priority, according to security specialists.
One Black Hat attendee equated Microsoft's new Vista operating system to a fortresses with thick concrete walls and steels doors, and a defense program that was "a stupid security guard handing keys" to wily attackers.
"It is crazy to think of all the applications we depend on a lot of times have massive vulnerability," Cruz said.
"A lot of security providers add more problems to networks than they solve."
Clarke, who worked for both presidents Bill Clinton and George W. Bush, said that the global economy could be shut down by hackers.
"We are building the global economy on a foundation of cyberspace 1.0 with a structure that has not changed since its creation," warned Clarke.
"We are still running code from vendors all over the world that is replete with errors."
Clarke said Bush cut funding for Internet security research and ignored a prepared cyber security plan.
"I handed it to him in the Oval office and he signed it, but I don't think he ever read it," Clarke said of a plan he recommended before quitting and becoming an author.
The Bush administration, financial institutions and much of the United States "don't get it" when it comes to cyber security, according to Clarke.
Since leaving government in 2003 Clarke has written three books: "Against All Enemies," a critical look at blunders in the US-led war on terror, a political thriller and a tech-heavy science fiction novel. He is also chairman of a risk management firm.
- Latest
- Trending