ARN

Gartner labels cyberterrorism a dud

Governments, after years of fruitless hysteria, are shifting their national security focus away from the threat of cyber attacks launched by terrorist groups to enhancing eavesdropping capabilities to monitor such groups, according to Gartner’s research director for information security and risk, Rich Mogull.

All but dismissing the cyber terror threat, Mogull claims that, after much publicity, it has failed to materialise in all but theory.

"There has not been a single case; we’ve talked with governments, businesses and the military and there has not been a single occurrence," Mogull said, adding that the high availability of those willing to die for a terrorist cause was of far more immediate concern.

Rather, western cyber efforts against asymmetric threats were being deployed to leverage intelligence from the Internet, which terror groups have readily used to facilitate communications between members and promote their causes.

"Governments are dealing with this and [the US and allies] are monitoring and looking… for example we have now eliminated the ability of certain groups to use mobile phones. The same goes for satellite phones because when they use them we blow them up,” Mogull said.

Asked if the capability existed for agencies to text mine cyber chatrooms, Mogull said it was highly probable, while cautioning it “is not everything".

Mogull said that critical infrastructure protection, especially utilities, will continue to face challenges, not least because many SCADA (Supervisory Control and Data Acquisition) systems now used Windows-based front ends that were highly vulnerable. To counter this problem, Mogull said it was necessary to decouple such machines from the Internet at large.

"You need to separate physical systems (those that control physical actions such as water or electricity) from enterprise systems. You need a virtual air gap," Mogull said, adding that if companies involved in critical infrastructure failed to secure their IT, there was always a helping hand ready to assist.

"If critical infrastructure cannot regulate itself, the government will step in and regulate it. [That said] governments, including the US government, do not always do the right thing. I’m [not saying] regulate more, but regulation certainly needs to exist," Mogull said.

He estimates that it will initially cost around 8 per cent of a utility company’s annual IT budget to become compliant with critical infrastructure IT security standards, a cost that would then decline after it was rolled out.

Nominations for the 2012 ARN IT Industry Awards open on Tuesday, June 12.

More about: Gartner

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the ARN comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
rhs_login_lockGet exclusive access to ARN's news, research and invitation only events.
ARN Distributor Directory
Find distributors by name | vendor | location
Channel Deals
/deals/aca-pacific/439_qlogic-reseller-promotion-bonuses-on-hba-and-s
ACA Pacific

QLogic Reseller Promotion. Bonuses on HBA and Switch Purchases. Ends June 30th, 2012

More details »
ARN Vendor Directory
Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.