British Telecom has reported a significant reduction in the
number of defacement attacks against its websites, following an
aggressive campaign to track down and arrest computer
hackers.
The campaign by BT's computer emergency response team - one of only
six crack IT security teams in the UK - has led to 37 arrests over
the past three years and the seizure of thousands of pounds worth
of computer equipment.
BT believes news of the crackdown spreading through the hacker
community contributed to the number of graffiti attacks experienced
by the company falling from 37 in 1999 to 11 in 2002.
"We were probably getting one or two defacements a month. It was
irritating. It was not good for our image. Then there was the time
and effort required to restore the site, finding out how the person
got in and the type of the attack," said Martin Roberts, BT's group
security director.
BT began using internal security expertise to identify and trace
the people responsible for the attacks, following concerns that web
defacements could damage the company's image.
It has uncovered several international networks of hackers who are
using the internet to exchange information and boast about their
achievements.
"We went out and, with the support of the police, we would go to
people's houses. Quite often we would find the mother and father
downstairs and a teenager upstairs. They were nearly all young men,
very few women," said Roberts, speaking at the Protecting Critical
Infrastructure Conference last week.
Although police charged some of the youngsters, most were let off
with a caution after having their computer equipment confiscated.
BT discovered that confiscation was the most effective deterrent to
further attacks.
"Word quickly went around the hacker community that if you had a go
at BT, police seized your equipment and retained it. That is
important. We have seen the numbers drop over the past few years,"
said Roberts.
The company runs more than 100 firewalls, which block 14 million
attempted network incursions from viruses and other threats every
month, Roberts said.
The firewalls were able to halt the onslaught of the Code Red worm
last year and the Slammer worm earlier this month, with only minor
problems experienced on one or two servers.
BT is running awareness campaigns throughout the business to
promote the message that good security strengthens the brand.