Tuesday 27 October 2009

When Government is too much like the private sector

The Swiss foreign ministry has been hit by hackers, forcing its computer systems to be shut down for days. Details are still emerging but initial reports point to a computer virus designed to grab specific data that was well hidden on the network. What this attack shows is how attractive government computer systems have become to hackers, which makes sense given the amount of personal and financial data the government houses.

Governments may have fallen behind the private sector in the assumption that the network perimeter approach to protection will keep data safe. Attackers can easily bypass known weaknesses on the perimeter and, once in, use various means to capture information. All governments should assume that their information will be under attack at some point -- be it from individuals or foreign powers. They need to take protection measures that protect the data from inside the perimeter, given the ease with which these weaknesses are exploited. Governments have this protection model in place already, but it is usually reserved for staff or physical assets, and involves additional layers of protection inside the perimeter. The government needs to give its data the same levels of consideration.

That they have temporarily suspended internal access to the internet for the Government departments would suggest that they need to choke off the malware from sending data out. Alas, once a site has got to this state it can be difficult to clean up. Real defense requires preventing the information "misuse" from being established in the first place.