The Mad Hatter's wireless network

Symantec's security guru finds IT's "next big threat" in the pages of Alice in Wonderland

Symantec's security guru finds IT's "next big threat" in the pages of Alice in Wonderland

One of the more entertaining members of the UK's IT security community is Symantec's security theoretician in the UK, Jeremy Ward. Ward used to be with the Cabinet Office before he moved to the private sector. These days he is busy saving the world from the constant threat posed by computer viruses and hacking.

This month will see the Infosecurity Europe show taking place at London's Olympia and I asked Ward, who will be making a presentation at the conference, what he viewed as this year's "big threat" to IT security.

"It is the 'pool of tears'," he said, quoting from Lewis Carroll. "'The pool was getting quite crowded with the birds and animals that had fallen into it'."

"You've lost me," I said. "Alice in Wonderland?"

"That's right," said Ward. "The big problem facing us all is the always-on, constantly connected pool.

It is something that Dick Clarke, the US cyber threat guru has already warned about."

Clarke said recently that we need to rethink the unwritten rule that everything on the Internet is automatically connected to every single place on the planet.
Continuing with his Alice in Wonderland theme of wireless disaster, Ward added, "It is the Mad Hatter's Tea Party out there - but much worse, particularly when you consider the explosion in wireless networking.

"In much the same way as that tea party, we are going to see networks increasingly plagued by the sudden arrival of unwelcome guests - from hackers, to hacktivists and cyber-terrorists. That is unless business wakes-up and takes the danger from the spread of uncontrolled wireless networks as seriously as it should."

With the amount of press coverage it has received, it is easy to believe that everyone must know all know about wireless and the danger posed by drive-by hackers wielding Pringles tins. However, just the other day I walked into one of the more sensitive offices in the country and heard it "suggested" that the wireless network probably wasn't secure, as if the topic was a fairly unimportant one.

"Of course, this situation has everything to do with policy and responsibility, rather than technology - something that appears to have escaped most of us in the head-long rush down the rabbit hole of innovation," said Ward.

"The time has come to pause, take stock, and get down to some serious security risk assessment and risk management. We must all be involved in developing a culture of security, where security is built in to all new systems and becomes an intuitive part of the behaviour of all users of information systems and networks."

That, of course, is voice of reason, and most informed IT directors agonise over the spread of wireless networks only a little more than they worry about personal digital assistants. And while a firm policy can be set at the top of the organisation, the increasingly consumerised technology, the Palms or IPaqs or Cisco Aeronets, has an unwelcome habit of creeping in from the outside.

Wonderland may be coming to an office near you whether you wish it to or not.

Simon Moores is chairman of the Research Group

Read more on Wireless networking