The US government is to step up its research work into Trojan horse
attacks on corporate systems to counter fears of risks created by
hasty Y2K remediation work.
According to Richard Clarke, the US government's national
co-ordinator for security, infrastructure and counter-terrorism,
many companies woke up too late to Y2K, and may have allowed
malicious codes to be implanted in their systems.
Speaking at an information security conference in Washington,
Clarke said: "A Trojan horse can be as little as two lines of code
buried in millions of lines of programming. Even our best people
have difficulty in finding a Trojan horse."
The Clinton administration is seeking an extra $1bn for
information security research and development projects, and wants
to co-ordinate its efforts with the private sector to avoid
duplication.
The conference was jointly held with several auditing
organisations that US officials want to play a role in promoting
information security awareness among their clients.
