登录×
电子邮件/用户名
密码
记住我
网络安全

Cyber security flaws in shops and airports increase risk of attack

称黑客可以从零售商那里窃取信用卡资料、遥控酒店客房中的科技产品,甚至骗过机场安检

An argument is raging about whether companies should be forced to disclose cyber attacks, as security experts warn that US retailers, hotels and airports have gaping holes in their online security.

Researchers in Las Vegas for the Black Hat cyber security conference exposed flaws they argued could allow hackers to swipe credit card details from retailers, run technology in hotel rooms by remote control and trick airport security into believing someone is drugs-free.

Dan Geer, chief information security officer for In-Q-Tel, which invests in technology on behalf of the Central Intelligence Agency, said the threat of cyber attack was so serious that companies should have to declare significant security failures. “Not only has cyber security reached the highest levels of attention, it has spread into nearly every corner,” he said. “The footprint of cyber security has surpassed the grasp of any one of us.”

Laws about what kind of attacks companies must report vary depending on the country or industry. But many focus on the loss of consumer data rather than on the tide of attacks by nation states and intellectual property theft.

Despite patchy regulation, the number of companies reporting cyber security concerns to US regulators has more than doubled in the past two years, according to official filings.

Mr Geer called for “a public health system” for the internet where the security of everyone online is given higher priority than the privacy of attack victims. He also said the US government should pay to make public vulnerabilities that people find in software.

Alex Stamos, Yahoo’s chief information security officer, said companies needed to work together to combat cyber crime. Other industries should learn from banks, which had succeeded at co-operating on security partly because they were highly regulated, he said.

But Kevin Mandia, chief operating officer of cyber security company FireEye, said companies were right to fear being forced to disclose attacks as some were “crucified” in a “point and blame atmosphere”.

Doctors were not blamed for not having yet discovered a cure for cancer and the threat from cyber crime was similarly here to stay, he added. “I feel like we are trying to cure cancer just like doctors are.”

读者评论

FT中文网欢迎读者发表评论,部分评论会被选进《读者有话说》栏目。我们保留编辑与出版的权利。
用户名
密码

相关文章

相关话题

FT中文网客户端
点击或扫描下载
FT中文网微信
扫描关注
FT中文网全球财经精粹,中英对照
设置字号×
最小
较小
默认
较大
最大
分享×