Global IT Failure Could Cost More than Kobe Quake, FIRST Experts Warned

Sabotage or failure on just one computer system could bring down the world information network in a disaster inflicting more damage than the Kobe earthquake, security experts learned today at their annual conference. They also heard how vulnerable the IT infrastructure is - and how thwarted attacks on the Beijing Olympics showed the determination of cyber criminals.

Kyoto, Japan (PRWEB) July 2, 2009 -- The collapse of a single computer system could trigger a catastrophe on the world information network more devastating in its economic consequences than the Kobe Earthquake, a senior executive of the West Japan Railway Company warned today at the 21st annual conference of FIRST, the Forum of Incident Response and Security Teams.

Mr Takayuki Sasaki, Vice Chairman and Representative Director of JR West, JP, was delivering the keynote speech to delegates at the Granvia Hotel, Kyoto.

Addressing the conference theme - "Aftermath: the Crafts and Lessons of Incident Recovery" - Mr Sasaki described how JR West restored its services following the earthquake in 1995, which inflicted 100-trillion Yen (US$1-trillion) of damage, and said: "During the post-quake period we have witnessed great progress in the IT industry. As a result, we now face a new challenge of globalization. When a computer system in a certain place fails because of a natural disaster or a virus, the damage may develop into a global issue and generate a bigger loss than that of the great Hanshin Awaji [Kobe Earthquake."

The exposure of information networks to catastrophe was highlighted in a speech to the conference by Peter Allor, program manager for cyber incident and vulnerability handling at IBM, who is a FIRST steering committee member and the Forum's conference liaison.

Declaring that "we're in a world of information warfare, and it's time to start thinking differently about security,"he said: "Hackers are no longer blasting out far-reaching worms. They are quietly targeting government, financial and communications networks, as well as the backend networks that control our power, oil, gas, manufacturing, water and transportation systems."

At a time when organisations were dispersing their operations locally, nationally and internationally, and linking them all together with IT networks, "the entire grid needs security enforcement at multiple points."

He continued: "Your headquarters may be secure as a fort, but if somewhere out there you've got a remote location with a weak lock, and inside it a PC with a password taped to its side - and this happens - then the whole organisational network can be compromised, corrupted, held to ransom or destroyed."

Just how attractive a target information networks are to cyber criminals and vandals - particularly when associated with high profile organisations or events - was demonstrated in a presentation by Yonglin Zhou, from the computer emergency response team coordination centre (CNCERT/CC) of the People's Republic of China. He reported on his and other IT security teams' protection of the 2008 Beijing Olympic Games, where 10,000 computers were deployed between 66 venues, many wirelessly connected.

The number of computers in China infected with Trojan viruses - which enable remote control by criminals without the owners' knowledge - rose from 35,000 in April 2008 to 67,000 in May and to a peak of 160,000 in PRWeb eBooks - Another online visibility tool from PRWeb June.

"All the indications suggested that criminals were planning a major attack," he said. Security counter measures brought the number infected down to 33,000 before the games started in August, and prevented any attacks at all from succeeding.

Takayuki Sasaki, who was Finance Director of JR West at the time of the Kobe earthquake and experienced the disaster first hand, described FIRST's task as "the very important issue of large scale earthquake prevention in the global information and telecommunication network," and praised members for their "remarkable endeavor and initiative."

He told his audience that before the Kobe catastrophe struck "there was a kind of optimistic view in Japan. People were saying we would be okay if there was an earthquake. Later that optimism was proven to be groundless."

In the event more than 6,000 people died as 250,000 houses and other buildings were destroyed, and 460,000 households were affected. Critical infrastructure was ruined, and damage knocked out 70 per cent of railway services, wrecking bridges, stations and rails. The cost to JR West alone was 100-billion Yen (US$1-billion).

But in a remarkable turnaround, 80 per cent of services were restored within a month, an achievement Mr Sasaki attributed to teamwork, team-spirit, and rapid decision-making, rapidly executed.

He said the crucial lessons learned, which could be applied before other disasters, were three: early risk detection and mitigation, identifying and reinforcing weak points, and preparing backup facilities - "proactive measures to secure an alternative control centre are indispensable."

Special podcasts recorded by Mr Sasaki and other speakers at the FIRST conference, some in Japanese and English, can be heard at http://www.first.org/conference/2009/podcasts/

Nearly 400 delegates from 52 countries - the highest number ever - are attending this year's FIRST conference. That includes 93 from Japan and 16 from the People's Republic of China - the most to date from each country - as well as 66 from the USA, 18 from Germany and 17 from the United Kingdom.

Founded in 1990, FIRST consists of internet emergency response teams from more than 200 corporations, government bodies, universities and other institutions from the Americas, Asia, Europe and Oceania. It leads the world's fight-back against cyber-crime, sabotage and terrorism, and promotes co-operation between response teams and law enforcement agencies.

Read more about the FIRST Kyoto Conference at
http://www.first.org/conference/2009/

Read more about FIRST at
http://www.first.org/ & http://www.first.org/about/