Zero day attack imminent

A devastating attack on the Internet or a power grid in the next decade is "most plausible", 1300 of the world's leading technology experts and scholars agree - but when it might happen is unclear.

The 'zero day' attack drew most agreement from respondents in a recent survey of IT experts by the Pew Internet and American Life Project. The concepts of virtual classrooms, and monitoring by government and business, also got a consensus from the experts.

While definitions of a zero day attack vary, it is generally considered to be an exploit, worm or a virus capable of crippling global Web infrastructure either prior to, or within hours of, a public announcement of a computer system vulnerability.

Australian security experts appear to agree with these predictions.

Frost & Sullivan security analyst James Turner said as governments and commerce globally rely more on technology, a zero day this decade is entirely reasonable.

"The more you rely on something, the more devastating it's going to be when you take it away," Turner said, adding lack of IT security education of employees was still the biggest threat.

"Organizations should go back to their security policies and make sure they're enforced," Turner said.

Meta Group analysts agree. The analyst predicts rapidly spreading worms and the volume of new vulnerabilities and patches will continue to plague organizations without automated response procedures until 2008.

However, Meta is advising people-based threats like identity theft and spyware will dominate in 2005, with antivirus vendors consequently increasing detection and repair capabilities .

Queensland University of Technology Assistant Dean of Strategy And Innovation in the faculty of IT, Professor Bill Caelli also named spyware as the prime threat of 2005.

"The biggest threat to enterprises now is spyware. It's a major threat because it compromises everything," Caelli said.

However, Caelli was reluctant predict a timeframe for an "electronic Pearl Harbour", noting the nature of catastrophic attacks was that they often happened without warning and extremely quickly.

"We're starting to see the Internet being used for data monitoring and control around the world, and with this we're essentially increasing our reliance on the Internet for things it was never meant to do," Caelli said.

"A zero day attack would be absolutely catastrophic. As we move more of our critical infrastructure over to the Internet, we start to move the control and monitoring of these, which means we're essentially playing with fire."

Join the newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Siobhan McBride

Latest Videos

More videos

Blog Posts

Market Place