• silicon.com
• Technology
• Security

By silicon.com, 10 November 2004 17:23

In recent years there has been a lot written about the threat of cyber-terror. Only yesterday silicon.com wrote a story including the claim from one security expert that such talk is all hot air and any mention of 'cyber-terror' should be taken with "a sizeable pinch of salt".

Yet, today we received a press release which told us: "We have entered an era of sustained digital attacks from radicals, criminals and zealots."

Although the details were a little sketchy, the release identified "cyber terrorism groups" whose sophistication in launching such attacks "has been rising significantly".

It's not exactly names and addresses but they seem to have a pretty good idea who we're dealing with here. Or maybe not.

It's actually pretty laughable and further example of the nonsense which is being peddled in an attempt to increase IT budgets - the argument being companies need to do more to protect their networks should Al-Qaeda be looking to launch a DDoS attack.

And, of course, synonymous with 'doing more' is the notion of 'spending more'.

But as a more level-headed security type, Simon Perry at Computer Associates, advised us: "If you have in place security to protect you from hackers, virus writers, script kiddies and the very real threats which exist you will, by default, be protected from any attack which might come from a terrorist group. There's nothing to suggest it would be a different kind of attack."

However, for all the hype which surrounds this non-issue, it would appear to be working. Security spending is increasing and many of those flexing their wallet-opening muscles are citing 'fears of cyber-terrorism' as one reason.

So are the fear-mongers winning? Is the message of the above company - who will remain nameless for fear of providing the publicity they clearly crave (many will work it out anyway - they are well-known worst offenders when it comes to such issues) - actually getting through?

Do IT managers really believe "disgruntled Arab, Islamic fundamentalist and anti-American groups" are about to bring Western computer networks crashing down?

Possibly not. Another theory is that IT managers are seizing upon the fears which often make compelling copy for the mainstream media - and therefore enter the minds of less clued-up non-technical types - and asking for essential 'cyber-terrorism' budgets.

While previous requests for increased IT budget fell on deaf ears, there is a suggestion that this more emotive issue is freeing up sums of money previously only dreamt about.

For some reason, the need to protect paranoid financial directors from 'cyber-terrorists' strikes far more of a chord with financial directors than the need to provide more effective IT infrastructure to the business - even if the two phrases essentially cover the same upgrades and improvements.

This thinking isn't just limited to IT budgets either.

Small towns in the US who have seen public sector budgets slashed in recent years are reportedly getting the purchase of fire engines signed off from homeland security budgets.

If you admit those fires are likely to be started by a pan of fat boiling over then you've no chance of getting sign-off, but if you can conscionably suggest those fires might, possibly, just maybe be started by Osama bin Laden you'll be polishing your shiny new fire engine before you can say 'undue paranoia'.