The Business Society has been left in a state of somewhat Ignorance,
Causing a flood of Security threats of a new, higher degree to arise,
Resulting in a panic-driven attempt to patch or catch-up with these new level threats,
At the potential expense of the Employees, and consumers privacy and service.
Hacking in itself is not a new affair; it is more the vast availability of computers that has revolutionized the network security sector. (“The Era of the Personal Computer” ). The fact that computers where becoming very cheap opened the market to common home users, and computers became very commercialized. Although this was a great benefit, it also posed a great threat. When the internet was launched connecting millions of “home PCs”, Commercial Business Servers, and even some Government computers, the arena for hackers was finally , fully opened. Computers where no longer restricted to large respectable universities, where PHD students and professors carefully used mammoth mainframes. Now almost anyone could have as much power, or more, in their room, than one of those colossal university mainframes of the past. Hacking was no longer an educational hobby of Professors and students in universities, but became a war between the attackers and the attacked. (“The Golden Age” ) The shift has left businesses trailing in the race to keep their information systems secure.
The Impact on the business society has been quite significant, and can be observed from many different perspectives. It has caused a huge depression for several software companies losing profits to the masses of pirated copies. Pirated copies do not involve simply copying a software CD, but rather Hacking it to enable several users access to software with one key. According to Joel Smith, a business writer from ‘USA Today, The Detroit News’ () , Software Piracy costs businesses in the United States of America (USA) alone, $3.2 billion. When looking at this figure one must not only concern themselves with the loss to the company, for the Organization is but one part of the “Business Society”. This loss of $3.2 billon also effects the Employees’. According to the same report, this enormous loss cost 109,000 jobs in the USA alone. This amounts to $4.5 billion in lost wages and $1 billion lost in tax revenue” Using the following two examples we can see how hackers have not only damaged Organizations, and Employee’s but also Consumers. A very illustrious game creator company, Valve, intended on bringing out the much anticipated “Half-Life 2”. A hacker however, managed to hack and retrieve the source code for the game, and posted it on the forum as a trophy. This not only cost the Organization money, but postponed the release by a year. This happened only a few months ago, and emphasizing the relevance of the problem today. ( Sam Parker Game Spot)
Credit Card companies have also suffered a great blow, as fraud is on the rise. When it comes to Credit Cards, it is not only the responsibility of the Credit card companies to be vigilant, but also of sites that use e-commerce. Several reports have come out about, databases being hacked and up to millions of credit card numbers being stolen. Just in February of last year, CNN reported that 5.6 million credit card numbers were accessed illegally, when a hacker managed to get past security measures and get access to the information of these MasterCard and Visa, cards.
(http://edition.cnn.com/2003/TECH/02/17/creditcard.hack/index.html Fred Katayama CNN.com)
These events have lead to a tightening of the boarders causing restlessness from employees. It is common belief that much of hacking of industry, comes from within the industry. This had lead to the break down of trust between the Employer and the Employee. “"Internal hacking is really happening," said Michael Longhurst, principal security consultant for Luxembourg-based SecureWave” ” ( Mark Ward BBC News Online technology correspondent)
This has led to Organizations installing monitoring software on employee’s computers, to track all they do. This includes sites the employee’s visit, what they type, including passwords. This technology even enables the Organizations to see the screen of the employee and even control the actions, as the employee works completely unaware of what is happening. Many privacy activist have complaint saying that this in itself is intruding into the privacy of the employee, and can be considered hacking of a different nature. However these complaints have not been taken too seriously for up to now “just about any form of employee monitoring will be upheld in court.” (Security Advisor P.J. Connolly )
However the internal threat is not the only one.
What must be learnt from this is that; first and foremost, as and Organization with sensitive material on the net, not having a specialized security team or consultants is not longer acceptable. When defining those who can hack, one can split them into 3 main categories. As Dean Bell, Managing Director, Scanit Middle East, put it. The Good, the Bad, and the Ugly. They would be what you call “White hackers”, those who test systems for insecurities and then patch them. The Bad are the malicious hackers who are there to do some damage, whether it be passive damage (stealing information without removing or changing anything) or physical damage (destroying a system, or erasing files). And finally the Ugly, also known as “script kiddies”. These are amateurs that get there hands on pre written code which they use to attempt to do damage in a fashion they don’t understand. Afentis, a IT security Consultant company who’s employs are the first of the three. They say, “The importance of security is rising - protecting information and computer assets has become a prime concern. Entrust Afentis to become your security partner and validate the integrity of your organization’s network.” ( Afentis) Protecting ones “system”, has become a full time job and if the problem of hacking is to be reduced it must be treated like a full time job.
For a business to ensure security it must implement measure to protect against both internal and external attacks. These measures may seem drastic to many privacy groups, however the sacrifice may be far less than the one paid at compromised data. Data is not only games, or source code, it could be as seen above credit card numbers, addresses, phone numbers. All this must be taken into consideration. Ideally a system would be devised where internal systems could be monitored without intrusion of privacy, but until then the sacrifice is less than the potential danger.