Tuesday, February 15, 2005

Cyberterrorism -- where have all the sysadmins gone?

Seems like security is the theme of the day. Considering that "cyberterrorism" has been in the news for what seems like decades, you'd think that government and commercial organizations that run computers would have gotten around to hiring competent sysadmins who can run things securely. But, if the linked MSNBC article is to be believed, critical infrastructure is still vulnerable to attack. Most of what the article talks about is web site defacing, but there is certainly the implication that more is doable, given the desire. However, some of the most concerted hacking attempts are directed at university and e-commerce computers, and it seems that, except in isolated instances, they are secure. My read is that "cyberterrorism" will mostly involve a constant probing for vulnerabilities with occasional successes. If critical systems are just not connected to the internet, then the successes can be kept at the level of annoyances. Yes, that's two ifs: constant grooming of competent sysadmins and sensible systems architecture. The cynic in me isn't hopeful.

No comments:

Post a Comment