Feeds

Experts: Firms need to come clean about cyber attacks

Dutch counter-terrorism head says gov was last to know on DigiNotar hack

5 things you didn’t know about cloud backup

LCC Businesses need to ‘fess up when they’ve been the victims of cyber attacks, experts at the London Conference on Cyberspace (LCC) said today.

Government and biz bosses said that even though companies didn’t really want to own up to having been breached, they needed to start sharing information with officials to protect critical infrastructures.

Erik Akerboom, president of the Cyber Security Council in the Netherlands, said that his government needed to know about the DigiNotar hack when it happened, not later on.

“We needed information at the time that DigiNotar was hacked; it was hacked in June but we didn’t find out then,” he said.

Digital certificate firm DigiNotar was hacked in June this year and forged Google.com SSL credentials were then used to spy on 300,000 Iranian internet users. The incident was notorious over the summer when it was discovered that the firm’s security was wholly inadequate, and because it took so long for the company to come clean.

DigiNotar only started to revoke certificates in mid-July, and didn’t go public with the security issue until August. The company subsequently filed for bankruptcy, having lost all the trust its business relied upon.

Akerboom said that the Netherlands was considering making it compulsory for firms to inform the government when their networks were attacked, but the government would then keep the information confidential to protect the companies' business.

Matthew Kirk, group external affairs director at Vodafone, said it would be tough to make businesses disclose attacks without a better trust relationship between companies and governments.

“Our instinct as a company is much more self-regulation rather than compulsory on almost everything. But I think there’s a critical role for government, which is not so much compulsion but creating... trust,” he said.

“I think it needs to be done in an atmosphere where it’s actually in the companies’ interest to disclose,” he added.

Harry van Dorenmalen, chairman of IBM Europe and also a member of the National Security Council in the Netherlands, was more forceful about what should be expected of the private sector.

“I think the private sector in general needs to step up much more than they do,” he said, adding that if businesses found it difficult to go to the government individually, they should consider presenting issues to the government through business groups.

“That’s an appeal to the private sector to step up, be vocal and be connected,” he said. ®

The essential guide to IT transformation

More from The Register

next story
One HUNDRED FAMOUS LADIES exposed NUDE online
Celebrity women victimised as Apple iCloud accounts reportedly popped
Rubbish WPS config sees WiFi router keys popped in seconds
Another day, another way in to your home router
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NZ Justice Minister scalped as hacker leaks emails
Grab your popcorn: Subterfuge and slur disrupts election run up
HP: NORKS' cyber spying efforts actually a credible cyberthreat
'Sophisticated' spies, DIY tech and a TROLL ARMY – report
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?