subscribe: Daily Newsletter

 

Global security approach urged

0 comments

An international security expert is "astounded" at world apathy towards international cyber threats.

Andy Purdy, president of DRA Enterprises, says a major Internet vulnerability, recursive DNS, has the ability to completely shut down any information system anywhere in the world – but the international community is not doing anything about it.
"We need to work together to shut these things down he told delegates to GovTech today.
One attempt is underway to marshal international participation in eliminating a major threat at the core of the Internet itself.
Purdy urges South Africans to contribute to a call for information on DNS cache poisoning.
The Information Sharing & Analysis Centre is asking for information on whether ISPs are monitoring the vulnerability, whether they are able to identify the poison within the DNS "glue" and if they have been able to eliminate it.
Purdy is passionate in urging internation co-operation on cyber security issues, especially partnerships between government agencies and the private sector.
It is no longer sufficient to know who to call when a cyber attack occurs, he says – government agencies need to be in a position of being able to identify and mitigate risks before they happen.
To date, very little has been done to identify and mitigate risks on a global scale, he says.
Purdy cites the example of botnets. Although individual countries may make strides towards eliminating botnet activity within their own borders, attacks are just as likely to come from externally-based botnets.
And, although, most botnets are currently focused on financial gain, he warns that the are set up and available to carry out much more sinister threats.
Interestingly, the GovTech audience indicated in an interactive survey that the majority of attacks suffered so far had been from worms and viruses – but that they fear most is a corruption of data.
Purdy reveals that the US government has suffered a number of incidents of data loss or corruption, so the threat is very real.
He urges agencies to learn from the experience of other countries and to partner with the private sector to help eliminate very serious threats before they occur.