- Internet banking in Australia faces an uphill battle to win market share unless defences against denial-of-service attacks and distributed denial-of-service attacks are put in place.
Accusing the business community of a "delayed reaction" to DoS attacks as an evolving threat, the local manager of Top Layer Networks, David Britt, says that unless new solutions are implemented, banks will not cope with high-volume, connection-based attacks.
Speaking at a network security roundtable, Britt says inadequate resources make it impossible to differentiate legitimate or malicious traffic in real time.
"Systems that do not have an attack-mitigation device in place not only risk suffering an inbound DoS attack but could also face legal implications if their networks were compromised with zombies (distributed attacks) that launch attacks on other organisations," he says.
Ernst & Young eRisk solutions manager John Thrackray says it is no longer necessary for protest groups to physically blockade corporations, because a simple DoS attack can cause a greater amount of damage to operations and reputations.
Thrackray says that at the peak of its propagation, the Code Red worm, which incorporated a DoS component, had compromised some 250,000 systems in less than 24 hours by installing zombies.
Nokia Internet Communications manager Vic Whiteley says the growth in e-business, which requires highly secure infrastructure with no reduction in throughput, places real challenges to the present network foundation.
Whiteley says to facilitate online transactions a bottleneck has arisen where the infrastructure meets the content, a juncture dubbed the 'service integration point'.
"Financial services companies need to address this bottleneck with technologies such as intrusion detection, encryption and anti-virus measures to ensure trusted transactions," he says.
Check Point regional director Peter Sandilands stressed that security measures, however technical in their application, are first and foremost a business issue.