Infosec, Blunkett and scaremongering
Published 13:37, 29 April 09
Former Home Secretary David Blunkett opened the Infosec conference in London this week by warning of the threat of a major cyber attack on the London Olympics in 2012.
His predictions for doom made for some lurid headlines in the newspapers, but you have to wonder if he was just choosing an easy target for grabbing cheap and lazy coverage rather than delivering anything based on fact.
The truth is that we've been here before, in fact really recently.
Just last year there were a myriad of stories predicting that hackers would have a field-day attacking the 2008 Olympics in Beijing, and use the opportunity to launch a wave of scams designed to steal information from the world's sporting fans and disrupt events to embarrass the Chinese authorities.
In reality, the event passed relatively peacefully (on the cybercrime front at least) with surprisingly few reports of attempted mischief-making, let alone more serious identity theft or network disruption. The harbingers of doom went strangely silent as the attacks against Beijing's Olympic operations failed to materialise.
Yes, of course hackers could target the London Olympics in three years time - and perhaps they will. But sensible precautions by the bodies involved in the organization and security of the event can help keep these incidents to a minimum and reduce the chances of information being stolen and festivities being disrupted.
The authorities shouldn't be complacent about the Olympic threat, but there are plenty of more important cybersecurity issues which MPs could be talking about, For instance, when will we get a properly funded Government-backed campaign to raise awareness of internet security threats that affect poorly defended home users and weakly protected businesses across Britain every day?
Personally I'd be prepared to sacrifice a few medals in 2012 if we put a little more effort into defending our nation's computers against the growing tide of cybercrime.
Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his other blog on the Sophos website you can find him on Twitter at @gcluley.