Skip to main content /TECH with /TECH

Companies examine cyber-security

(CNN) -- The terrorist attacks of September 11 have companies around the world examining their cyber-security as well as their physical security. And the appearance of the aggressive and fast spreading worm "Nimda," which surfaced Tuesday, one week almost to the minute after the first assault on the World Trade Center, left some wondering if there might be a tie to terrorism.

U.S. Attorney General John Ashcroft discounted any "Nimda" tie to the tragedies in New York, Washington, and Pennsylvania. But the multi-pronged worm did lead to some Internet slowdowns, plenty of annoyances, and a loss of productivity. Many companies had to strip e-mails of suspect attachments, others completely cut off Internet access until networks could be sanitized of this intruder.

CNN's Marsha Walton interviewed executives from SecureWorks, an Atlanta based network security services company, about the events high on the minds of most U.S. businesses.


Robert Minkhorst
President and CEO

CNN: The terrorist attacks have certainly focused everyone's attention on security. Where does cyber-security fit in?

Minkhorst: We have seen an enormous increase in cyber-attacks. From 1999 to 2000 the attacks almost doubled. From 2000 to 2001 the attacks have increased, so far this year by more than 50 percent. We can see the amateur hacker has become a professional criminal. Those professional criminals are being supported by terrorist organizations, by foreign governments.

CNN: And the profile of the attackers has changed?

Minkhorst: The numbers have drastically changed over the last year, year and a half. Where about a year and a half ago about 70 percent of these attacks, malicious attacks were from inside the companies. That number has changed, turned around basically and the attacks now on our clients are 70 percent outsiders and only 30 percent insiders.



  • Pandasoftware

  • Central Command

  • It has now become much more malicious. From crime organizations to terrorist organizations to foreign governments, there's a lot of money behind it, getting more aggressive and more knowledgeable with high technology. So it is also up to us to keep up with the technology and keep up with the expertise as well, and in that context we as a company work very closely with the FBI to see the trends to keep up if not to stay ahead of criminal acts like these.

    The companies that we talk to quite often say, "Why would our data be of interest to the public or why would our data be of interest to any terrorist organization?" and it is only after they have been exposed to it that they suddenly realize that their data, whatever their data is, is very vulnerable and could be exposed.

    CNN: The Nimda worm was multi-pronged, it spread in a variety of ways. Is that sophisticated attack what we can start expecting to see more of?

    Minkhorst: It is. Nimda attacked Web servers to begin with, then it spread fast through file sharing. The third thing, it sent out a mass mailing to contacts in (Microsoft) Outlook. In some ways it looked like the Melissa virus. Just how destructive it was depends on each company. It can ruin some of the ways companies do business, if they can't communicate. It was certainly disruptive.

    CNN: What advice do you have for companies, following the terrorist attacks and a week later, this complex and prolific worm dubbed Nimda?

    Minkhorst: We're all aware of many forms of security. We have car alarms, house alarms, in our offices we have guards, and video cameras and cards or passes for entry. But we have this big network, this big pipe that's not protected. A firewall is like a lock on a door. But there are hundreds of websites out there that tell you exactly how to get around a firewall. It's not enough to detect an intrusion, you have to be able to prevent it, block it.


    Phyllis Schneck
    Vice President of Corporate Strategy

    Also, co-chair of executive board of InfraGard, a national organization that coordinates the sharing of cyber-crime information among the FBI, American businesses and academic institutions.

    CNN: Most companies are understandably skittish about sharing information, especially about computer intrusions. How is InfraGard poised to get companies to cooperate?

    Schneck: InfraGard is a corporate public partnership. You're taking corporate America and putting them in a solid partnership with the FBI, the government in conjunction with the National Infrastructure Protection Center to exchange information on information security, cyber crime, hacking.

    I'll give you an example. Through SecureWorks, there's a lot of data, client data, globally of people that try to attack our clients' networks. Those attacks that get stopped, they still get logged without ever using client specific information or names. We can provide the government with trends on how this happens.

    What we as a national board are doing is encouraging other companies to please give information, so that this partnership has a good base of data so that we can protect ourselves. Now more than ever it's crucial to work in partnership with the government to use all the data we can. Everything that they see, everything that we see, put it together for critical national infrastructure protection.

    CNN: Since September 11, the U.S. government is expected to step up its surveillance, with tools like Carnivore.

    Schneck: In order to protect us, it's common knowledge that the FBI can wiretap a phone call. Carnivore is exactly the same thing for data. It's not used without a court order; it's not used to simply spy on e-mail. This is not a police state. Carnivore is simply an enabling technology and again it's all about working with the client and with the government and it goes back to the partnership that makes InfraGard and makes the companies like SecureWorks and places like the National Infrastructure Protection Center be crucial cornerstones to protecting our infrastructures.

    CNN: The terrorist attacks have also prompted some U.S. government officials to look again at encryption laws.

    Schneck: The government's role in encryption has been looked at for at least a decade. Everything from how tight should the locks on the door be, to how long are your encryption keys to how should they be distributed. And it goes to privacy versus security. How much can we protect people's privacy rights versus how much do we need to expose to protect everyone else. In the end, again, we're looking at infrastructure protection.

    See related sites about Tech
    Note: Pages will open in a new browser window
    External sites are not endorsed by CNN Interactive.


    Back to the top