The internet is like a virtual wild west, a wide open and expanding frontier
but like any free for all, bandits and troublemakers of all kinds
pose a constant security threat. Internet experts discussed the battle
against hackers at an SCPA panel on February 28.
The internet evolved naturally, and was created as a new frontier
without rules, said David Souaid, director of business development
at Surefire Commerce, a company which processes credit card transactions
on the internet.
One of our biggest problems is fraud we see more and more
people trying to hack into our database, writing their own software to
break our encryption of credit card numbers and then charge purchases
Louis-Eric Simard, of the internet security firm Freedom Factory Inc.,
said that hackers are not all crooks, or even always a pain in the virtual
My job is to prevent hackers from breaking into our clients
systems. It is very interesting work because it means that I deal with
some very smart people with interesting ideas on how to make our lives
Ironically, they actually help us create a better system for the
Hackers or crackers, a term that Simard and his peers favor
see breaching security as an intellectual exercise rather than a money
For the most part, they dont want to destroy businesses or
be malicious. They just want to break in for the same reason that you
want to win a game of chess: it is an intellectual exercise, something
exciting to do on a Friday night.
There are two types of hackers, what we call black hats and the
white hats. Black hats want to break in and create havoc so they can boast
to their friends: I killed e-Bay, I killed Microsoft, look how big I am.
White hats break in but then tell us exactly how they did it, exactly
where our systems are vulnerable. Sometimes they actually work with us
in plugging the leaks.
Hackers have sometimes been vilifed in the press for their ability to
wreak havoc on large chunks of cyber space, and some, like Montreals
own Mafiaboy, have been jailed, Simard says that all the expensive and
time consuming efforts to track them down could backfire badly.
It is very dangerous to stop hackers through regulation because
they are helping us build better systems, Simard said.
He added that a flawed security system is actually worse than none at
You are better off having no security than a mediocre security system.
A weak system will give you a false sense of security, leaving you vulnerable
to hackers, and they will have busted in before you know it. If you have
no security, youll be acutely aware of it and youll at least
be constantly vigilant of any breaches of your database.
Ultimately, Simard predicts that the constant cat-and-mouse game between
hackers and security experts will be won by the computer establishment.
As every flaw in computer security gets breached, then sealed, presenting
a blueprint for increasingly airtight systems, breaking in will begin
to prove too daunting for all but the best and most dedicated computer
What man makes, man can break. But over time, hacking will become
too difficult for most; it will demand a very high level of expertise.
At that point, hopefully, industry will hire the remaining few who can
still do it.
The bottom line, Simard says, is that more people are working on
internet security than are trying to break in.