Thought for the day: The enemy within

Is the paranoia over cyber-terrorism a little over the top? Simon Moores is all for vigilance, but considers the government's...

New Asset  
Is the paranoia over cyber-terrorism a little over the top? Simon Moores is all for vigilance, but considers the government's attitude is likely to cause more harm than good.



However hard I attempt to escape the subject of information security, it acts like a gravitational black hole and I’m pulled back into commenting on the most recent story or disaster or both.

CW360 reported last week that the NISCC (The National Infrastructure Security Co-ordination Centre) has raised the prospect of cyber-attack by Islamic groups, as a consequence of any possible - read probable - war with Iraq.

While this isn’t quite the same as a ring of steel around Heathrow, for NISCC to pop up with a warning of this kind illustrates how worried - or, indeed, paranoid - the Home Office is becoming.

It’s interesting to note that Symantec most recently cited Iran and Kuwait as the most frequent source of cyber-attacks, but what NISCC appears to be more concerned about is the threat from "the enemy within", a "fifth column" of cyber-militants described as terrorist groups "who may actively seek to plant people inside IT departments of critical organisations".

The public sector, in particular, is feeling more than a little vulnerable at this time and this question of a possible fifth column has been entertained for more than a year now but it rarely, if ever, finds any public expression because of the sensitivities involved, the Home Office being an equal opportunity employer, a policy which extends to extra-curricular activities they would rather not think about.

Do I think there will be a crippling attack on our national infrastructure? No. I think there is a real possibility of serial inconvenience but nothing more, this year anyway, but maybe next. Curiously enough, the IT manager of a large metropolitan council told me last week that most of the attempts to attack his own local authority originate in the public libraries. Not quite what UK-Online had in mind, I suspect.

As a result of all the warnings over the past three months, I’m glad to see that some large businesses are taking the warnings seriously and are beefing up their security posture. Unisys has just signed a £1.6m deal with Lloyds TSB to provide managed security services for the bank, and there’s evidence that the only rosy glow in the IT business at the moment surrounds the provision of security in one shape or another.

This brings me back to the question of a fifth columnn. Until the "war against terrorism" is resolved, we are condemned to a life of constant paranoia in a struggle against a hidden enemy. IT may be more defensible than the Underground but, like the dual use of London’s congestion charge cameras, the consequence offers us an increasingly nervous and restrictive society that can’t defend itself from a well co-ordinated attack against infrastructure, aircraft or indeed people.

So "be prepared" is the best advice I can give, but what to prepare for is anyone’s guess.

What do you think?

is the NISCC's message paranoid or persuasive? Tell us in an e-mail >> reserves the right to edit and publish answers on the Web site. Please state if your answer is not for publication.

Zentelligence Setting the world to rights with the collected thoughts and opinions of the futurist writer, broadcaster and Computer Weekly columnist Simon Moores.


Read more on IT risk management