Comment Articles

Start spending now

Jon Oltsik CNET News

Published: 10 Feb 2004 15:05 GMT

2004 is just over a month old but it's already been an eventful year for information security, with the MyDoom worm carving its name into the annals as the most malicious code cocktail ever.

MyDoom demonstrated that with a bit of social engineering, users will always be duped into opening attachments. Once in progress, MyDoom launched an avalanche of emails clogging networks and servers while interrupting business productivity. It then launched denial-of-service attacks on SCO and Microsoft. And as if this wasn't enough, it opened backdoors creating a global army of zombies poised to relay spam or launch the next denial-of-service onslaught.

Obviously, MyDoom almost guarantees another big quarter for security vendors. Manic executives who couldn't send or receive email for a few days are bound to read the riot act to IT and security types to fix the problem. IT managers in turn will purchase a new round of security piece parts to plug the holes and proudly proclaim, "Mission accomplished." (Of course, they can't anticipate future problems so they'll probably have to repeat this fire drill again and again.)

Do you see the cycle here? Problem defined, point solution implemented, problem addressed, new problem arises, and so on. This last 13-word sentence sums up the entire state of information security.

Why is this so? The authors of various Internet protocols and software systems didn't design their stuff with security in mind. This wasn't a big deal when the Internet was the exclusive playground of academic and military types, but add a few hundred million users and the lack of systemic security became a real problem.

In reaction, security "bolt on" technologies became a necessity. Today enterprise companies have a complex array of firewalls, Intrusion Detection Systems, gateway appliances and antivirus software for protection. Yet they keep getting hit with additional security problems. This model is clearly unsustainable and something has to change.