Risky Business: Tackling Computer Security
Peterson, Ivars, Science News
Risky business: Tackling computer security
NASA created the Space Physics Analysis Network a decade ago to enable scientists conducting NASA-related research to share data and ideas. But scientists were not the only users of this computer network. From 1981 into 1989, unauthorized users successfully penetrated network security dozens of times, roaming freely throughout the system. Although NASA officials say these intruders apparently didn't destroy or alter any data, future intrusions might prove considerably less benign.
The list of security breaches affecting computer systems worldwide grows week by week: virus attacks, lottery fraud, information theft, computer break-ins, espionage. Such incidents demonstrate the weakness of the invisible fences protecting most computer systems and networks from intruders, whether joy-riding high-school hackers, disgruntled employees or international spies.
In response to concerns about the safety, reliability and security of U.S. computer systems, a National Research Council panel last week issued a report detailing the extreme vulnerability of present-day systems.
"The committee believes that our computer system and information are at risk, and that this in turn places society at risk," says computer scientist David D. Clark of the Massachusetts Institute of Technology, who chaired the panel. "Our central conclusion is that national computing and communications systems are vulnerable to potentially catastrophic security breaches and accidental failures."
The report -- one of the most comprehensive looks at security problems in nonmilitary, unclassified computer systems and networks -- paints an alarming picture of the parlous state of those systems. "The modern thief can steal more with a computer than with a gun," theauthors state. "Tommorrow's terrorist may be able to do more damage with a keyboard than with a bomb. …