The Register: 'Dot-Com' companies are hacking each other -- expertFeb 18, 2000, 16:48 (2 Talkback[s])
(Other stories by Thomas C. Greene)
"All this talk of fifteen-year-old kids vandalising the Web is a smoke screen behind which real, professional crackers are pleased to take cover, security expert Mark Rasch revealed during testimony before a Senate hearing on Internet security earlier this week."
"Info tech companies may be fairly willing to report a nuisance attack such as the recent DDoS campaign, where no company assets are compromised. But Rasch believes that serious, compromising attacks are rarely reported to the authorities.
This is because such companies, which own nothing of substance but are valued principally according to the information they possess, depend heavily on consumer confidence. A prosecution and trial, Rasch observes, would make public the security vulnerability that was exploited, hence the company's hopelessly inadequate security measures, he implied.
An info tech company will typically lose between ten and one hundred times more money from shaken consumer confidence than the hack attack itself represents if they decide to prosecute the case, he estimated. ...because it is to a company's advantage to suffer in silence, the real malicious hacking, which would involve the compromising of crucial data and intellectual property by rivals tech firms, and probably represents the lion's share of online criminal activity, is kept as a closely-guarded, dirty little secret."
0 Talkback[s] (click to add your comment)