Switched - Comments for World Bank Attacked By Hackers

Switched - Comments for World Bank Attacked By Hackers http://www.switched.com/2008/10/13/world-bank-attacked-by-18-hackers/ Switched Comments for World Bank Attacked By Hackers http://www.switched.com/media/feedlogo.gif Switched http://www.switched.com en-us Copyright 2012 Weblogs, Inc. The contents of this feed are available for non-commercial use only. Blogsmith http://www.blogsmith.com/<![CDATA[Comments on World Bank Attacked By Hackers]]>http://www.switched.com/2008/10/13/world-bank-attacked-by-18-hackers/http://www.switched.com/2008/10/13/world-bank-attacked-by-18-hackers/Oct 13th 2008 7:50PM<![CDATA[Comments on World Bank Attacked By Hackers]]>http://www.switched.com/2008/10/13/world-bank-attacked-by-18-hackers/http://www.switched.com/2008/10/13/world-bank-attacked-by-18-hackers/Oct 13th 2008 9:29PM<![CDATA[Comments on World Bank Attacked By Hackers]]>http://www.switched.com/2008/10/13/world-bank-attacked-by-18-hackers/http://www.switched.com/2008/10/13/world-bank-attacked-by-18-hackers/Oct 14th 2008 4:38AM<![CDATA[Comments on World Bank Attacked By Hackers]]>http://www.switched.com/2008/10/13/world-bank-attacked-by-18-hackers/http://www.switched.com/2008/10/13/world-bank-attacked-by-18-hackers/
They usually always are because hackers discover an exploit that nobody administering these systems ever know about until they find out rather late that there was a compromise.

The fix is made usually after the damage has been done to someone already.

The biggest problem is that the only way to get ahead of hackers without disconnecting from an open network is for a system administrator to be a hacker him or herself and find ways to crack their own systems and then apply patches. But that's a very arduous and ongoing task. A lazy way to do it is to manage how the systems are accessed, including taking the systems offline or off an open network for times where they cannot be actively monitored. Of course, that's not always practical.

In addition, there will always be potential exploits in any system of any significant complexity. There can even be patches to a problem that may fix it but also opens up new exploits just waiting to be discovered!

In all, no system can ever be made completely invulnerable to attack for the simple fact that such a thing implies perfection in a design or a configuration, which is an engineering impossibility. The only thing you can do to help security is to make the task of cracking it so difficult that it opens questions on whether or not it's really worth it (and, ironically, that can make you question whether or not such security is worth it as well).]]>Oct 14th 2008 8:40PM