[ISN] Internet security problems may be on the rise

From: William Knowles (wkat_private)
Date: Mon Apr 16 2001 - 02:32:59 PDT

  • Next message: InfoSec News: "Re: [ISN] Closed source is more secure -- MS"

    The following content is from the Economist Intelligence Unit,
    a U.K.-based information provider.
    (13 April 2001) Internet security poses a growing concern for
    businesses in the West. A joint survey of corporations, government
    agencies and organisations conducted by the San Francisco-based
    Computer Security Institute and the Federal Bureau of Investigation in
    the US last month found that 85% had experienced Internet security
    break-ins over the previous year. Of these, 64% resulted in
    significant financial losses. More than two-thirds of respondents said
    their website, rather than their internal networks, was a frequent
    point of attack.
    Meanwhile, MessageLabs, a UK company that provides Internet security
    services, has seen its anti-virus system go from catching one a day in
    1999 to one every three minutes in 2000 and one every minute in 2001.
    This February alone, the company dealt with almost 47,000 virus
    How about China? Domestic businesses and home Internet users got off
    comparatively lightly with the LoveBug and Kournikova viruses that
    paralysed Internet systems in Europe and the US, in part because local
    companies do not rely heavily on e-mail for day-to-day business
    communication. But this will change as computer ownership levels
    overtake those of Japan as the highest in Asia, and Internet usage
    soars both at home and in the office. The security risk to business
    operations will increase as China's economy becomes more wired to the
    international business community.
    Threats will come not only from outside China. As in other countries,
    it is China's younger generation that is attracted to computers and
    the Internet. Many, keen to show off their skills, out of boredom or a
    desire for fame and money, have the potential to become hackers. And
    just as these young computer users are increasingly out of touch with
    traditional China -- particularly the obsolete political jargon of the
    ruling Communist Party -- so the government itself is struggling to
    understand the earth-shaking implications of electronic communication
    and the extreme damage it can inflict on business.
    Public concerns over general Internet security levels are affecting e-
    commerce, particularly in the area of online shopping. While a small
    number of China's online shopping sites can take orders and accept
    payment online, most consumers continue to rely on a cash-on-delivery
    (COD) system to take delivery of their goods.
    The enduring popularity of COD reflects the deep-seated lack of trust
    in e-commerce security. According to a January 2001 survey by the
    CNNIC, over 60% of Internet users felt that either Internet security
    or the quality of their product could not be guaranteed when making
    online purchases. Consumers are unwilling to hand over personal
    financial information to companies about whom they know little or
    The government, ever keen to boost consumer spending, wants to provide
    a legal framework to ensure the long-term success of e-commerce. The
    passing of a new Internet security law by the National People's
    Congress last month reflects the seriousness with which the
    authorities are tackling concerns, including those about online
    payments. The legislation follows the Draft Guidelines for China's
    E-commerce Development, issued in April 2000. These provide a
    framework to support commercial laws, intellectual property rights,
    domain names, privacy and security.
    Yet enforcement is all. And the central government can achieve little
    without co-operation at the local level. Some provincial governments
    have been proactive. Fujian's provincial government in south-eastern
    China, for example, is conducting a crackdown on computer viruses this
    month. The operation involves educating PC users about virus
    prevention and control, and strictly enforcing anti-virus legislation
    issued last year.
    For China, more international business means more viruses, and more
    viruses mean more international business. Symantec of the US, the
    world's largest maker of computer-security products for consumers, has
    been in Beijing since 1999. Symantec's priority was to adapt its
    Norton software to the Chinese market; its most recent release was the
    Norton AntiVirus 2001 software, which protects the user's computer
    from hackers as well as viruses sent by e-mail or downloaded from the
    The Internet security sector is attracting more players. As well as
    international competition, at least eight local firms have published
    their anti-virus software. Some foreign firms are opting to partner
    with existing local operations. Softbank of Japan has entered a
    four-way joint venture with Trend Micro, a Japanese Internet security
    firm; ISS (Internet Security Solutions) of the US (www.iss.net); and
    Internet Security One, a local company. IS-One (www.is-one.net), which
    is currently investing in the biggest security-testing laboratory in
    China, specialises in security assessment and intrusion detection
    technology. Its clients include the largest Chinese financial
    institutions, communications providers, ISPs and service providers, as
    well as government agencies.
    SOURCE: Business China
    "Communications without intelligence is noise;  Intelligence
    without communications is irrelevant." Gen Alfred. M. Gray, USMC
    C4I.org - Computer Security, & Intelligence - http://www.c4i.org
    ISN is hosted by SecurityFocus.com
    To unsubscribe email LISTSERVat_private with a message body of

    This archive was generated by hypermail 2b30 : Tue Apr 17 2001 - 02:53:12 PDT