Firms upping security on computer systems

Kevin Ferguson

Friday, Oct. 12, 2001 | 10:11 a.m.

Worries about possible future terrorist attacks have businesses in Las Vegas and around the nation scrambling to safeguard their computer networks.

That's because some believe a terrorist act directed at data could cripple computer networks and wipe out financial records.

"There are countries out there that clearly can't compete with us in bombs, and so they are spending more and more money to learn how to attack us at the (computer) bit level," said Jeff Jonas, president of Las Vegas-based software firm Systems Research & Development.

Software security is by no means a new concern for many companies, such as financial institutions, casinos and technology-related businesses.

Many of these types of firms started beefing up their computer network firewalls after hackers had success at overwhelming several high-profile Internet websites -- such as those for CNN, eBay, Amazon and Yahoo! -- in the past few years.

"(Software security) was commonplace in the telecommunications industry (before the terrorist acts), but now it's becoming commonplace in all companies," said Randall Curran, chief executive of Englewood, Colo.-based ICG Communications, who spoke Wednesday at the ISPCON convention in Las Vegas. The event is for the Internet service provider industry.

Jonas estimates that most companies have doubled their security budgets since Sept. 11.

"I would say about 80 percent of that (increased) budget is for physical security and about 20 percent is for software security," he said.

Software security experts interviewed for this story wouldn't cite specific companies that have needed to beef of their security after the Sept. 11 attacks, but they said types of businesses and government divisions that had vulnerabilities include hospitals, banks and airport towers.

If a hacker broke into the computer network of a hospital, he could cause havoc by, for example, changing information about the blood types of patients, computer experts said.

While most financial institutions have had strong software-encrypted computer networks, Jonas said he has heard of cases where hackers have disabled ATM terminals.

The Sept. 11 terrorist attacks have made many chief executives of local companies allocate more money to their software security budgets, said Eric Read, the software security expert for the Las Vegas division of Sprint E-Solutions.

"IT (Information Technology) security has become the top two or three priorities for most companies since Sept. 11," said Read, whose company provides software security for Las Vegas businesses ranging from casinos to law firms.

"Before Sept. 11, IT security was way down on the priority list," Read said.

Read said major casino operators had been beefing up their software security well before last month's terrorist strikes because some gaming operators have been preparing for the possible legalization of Internet gambling.

One requirement to get licensed by the state if cybergambling is legalized will be proof of the site's "nuclear strength" encryption, gaming regulators have said.

Regulators have stressed the importance of preventing hackers from compromising the integrity of Nevada's gaming industry.

Corporate America -- not government -- has the burden of protecting itself from "software terrorists," Jonas said.

"When you're protecting your company, you're protecting your brand," he said. "Like if there's only one airline that has not been taken down because of its superior security, that's the one everybody is going to fly."

Many software experts say it's important to have people monitoring a company's computer network around the clock.

If a hacker breaks through the network's firewall, the security team should not only patch the hole immediately, but study the way in which the hacker broke in, experts say.

That way the security team can prevent similar intrusions in the future.

Experts also recommend firms create backup files of critical data on a daily basis, blanket networks with virus protection software and use a firewall as a gatekeeper between the computer network and the Internet.

Brian Becker, an ISPCON panel speaker and the chief executive of Popular Bluff Internet of Popular Bluff, Mo., compares hackers to terrorists.

His company, which provides dial-up Internet service for 14,000 customers in southeast Missouri, blankets its network with a virus protection software made by Postini of Redwood City, Calif. "(Hackers) are out there doing damage to people for their own favor," he said. "They are hiding in caves just like (Osama) bin Laden."

archive