Printer friendly version
Experts complacent about network attacks
28 July 2011
Study shows physical attacks to communications network infrastructure deemed low priority risk
Industry experts and researchers may be underestimating the threat to Internet security posed by physical attacks to telecommunications infrastructure, according to new research.
Only nine percent of industry experts and researchers who responded to an international survey considered physical attacks to the infrastructure to be a likely threat to future Internet security.
Top of their worry list was data misuse followed by more network-oriented issues such as malicious traffic attacks or data integrity on the network itself.
The results, pulled together by an international partnership led by Lancaster University, showed that 33 per cent of industry leaders and researchers put breaches of trust within companies and misuse of personal information – for example through Facebook or e-banking - as their number one internet security concern.
The threat of malicious network traffic attacks came second (27 per cent), while vulnerabilities in emerging Cloud environments due to reduced ownership of resources and data came third (18 per cent).
Network Experts Divided
Researchers also found a significant discrepancy between the priorities of research and industry. Whereas industry experts classify social engineering attacks as one of the most important future risk, researchers put malicious traffic attacks first. Where this discrepancy comes from is currently being investigated. One reason might be the increased usage and growing commercial importance of user-centric online services.
The findings are part of an ongoing study exploring emerging and future threats to fixed and wireless telecommunication network operations, which has so far included 160 senior experts, mainly in the UK and India.
Participants in the study included lawmakers and senior industry figures such Head of Security of one of Europe’s largest network operators. Heads of relevant government departments also participated in the study.
Strategic India-UK collaboration and technology exchange
The work was carried out in line with recent strategic studies developed by the UK Government to ensure the leading role of the UK in the global digital economy.
The new data will help improve the understanding of potential vulnerabilities of the critical infrastructure underpinning the Future Internet and Cloud Computing environments. It will also help government and industry to develop intelligent solutions to minimise the impact and frequency of any such threats.
Dr. Andreas Mauthe of Lancaster University’s School of Computing and Communications said: “The threat landscape on computer networks and Internet security has been changing rapidly in the past few years. It is becoming increasingly important that we are prepared for new types of digital threats in the near future.
“Such threats will be far ranging, from social and human factors (such as social networking and interpersonal trust for data handling, storage and processing on the Cloud over the Internet) to new access devices, applications and end-systems such as iPads, smartphones, Facebook, laptops, in-car communications, iPlayer and online gaming.
“Some threats may have been underestimated. Only 9 per cent of research and industry experts have indicated physical attacks to the infrastructure as a likely threat in the future. This contrasts with our increasing reliance on the digital economy, including online services provided by governments and businesses. Targeted attacks on the underlying communication infrastructure may have the potential to light the fuse for the next global crisis.”
The research team includes Lancaster University (led by Dr. Andreas Mauthe), University of Ulster (led by Professor Gerard Parr) and IIT Madras India (led by Professor Hema Murthy).
The work falls under The India-UK Advanced Technology Centre (IU-ATC) in Next Generation Networks Systems and Services which is funded by the UK Government through the Research Councils UK Digital Economy Programme and by the Indian Government's Department of Science and Technology (DST). The collaboration specifically deals with the development and exchange of knowledge and technology between India and UK but also with a collaboration between academia and industry in an increasingly more important market. Currently, the IU-ATCV represents the largest India-UK collaboration of its kind between both countries
Further details of IU-ATC can be viewed at http://www.iu-atc.com