IBM and hackers -- SECURITY400

>From the press:

By Bernhard Warner, European Internet Correspondent

LONDON (Reuters) - Computer hackers come in many shades -- extortion artists,
corporate saboteurs, determined teenagers and legitimate IT professionals.
But according to security experts at International Business Machines Corp,
they have one thing in common: every office has at least one.

Seizing upon the timely topic of Internet security risks, IBM this week has
launched a global advertising and public relations initiative to plug its
e-business security software and consulting expertise.

Business managers, concerned at the threat of attack, are fortifying their
internal computer systems. Last week, a Corporation for British Industry
survey revealed that two-thirds of U.K. businesses have been the victim of a
serious computer-related incident, whether it be hacking, a virus attack or
some form of cyber fraud.

It means that software firms and security consultancies may once again have a
big market for their services.

SECURITY TRADE-OFF

The corporate world, however, has been faced with a precarious trade-off when
it comes to IT security. Damaging corporate viruses such as the Code Red
worm, which continues to replicate around the Internet unchecked, have cost
industry billions of dollars in lost productivity and software upgrades,
experts say.

At the same time, belt-tightening initiatives rein in the corporate budget
process, crimping IT investment. IBM, for one, is hoping the fear factor will
motivate purse string holders not to skimp on security initiatives.

At a press event in London on Thursday, IBM introduced two veteran security
specialists -- dubbed "ethical hackers" by the company -- to discuss the
fragile state of Internet security, and to get its message across that upper
management has to be more involved in IT defense.

"Ultimately, security is a management issue," said James Luke, information
warfare specialist with IBM Global Services in London.

Another reformed hacker, now employed by IBM as a security expert, said that
the incidence rate of viruses was on the upswing -- and from a seemingly
benign source.

Novice hackers, called "Script Kiddies" in Internet parlance, "can be the
most dangerous," he said. They are among the largest population of hackers,
he added. Often, they are teenagers who get their kicks out of defacing or
blocking access to sites by employing virus programs downloaded from the
Internet.

"They know just enough to be dangerous," he said.

One famous "script kiddie" hacker was a 20 year-old Dutch man who earlier
this year admitted to engineering the Anna Kournikova e-mail virus. The hoax
e-mail carried an attachment that appeared to be a picture of the tennis
star. Once opened, it spread around the world slowing down e-mail systems and
shutting down some corporate servers.

Other virus authors, including the mastermind behind the recurring Code Red
worm, go undetected. Last month, Computer Economics of Carlsbad, California,
reported that the Code Red worm, which targets unfortified computer servers,
did $2.6 billion in damage.

Blueyonder, a British broadband provider from Telewest Communications,
continues to carry a warning on its site that the Code Red worm is affecting
service performance for some of its customers.