Behind the Headlines: HP's hacker insurance under fire

Fenella Quinn, reporter

In this week's Behind the Headlines, Silicon.com's panellists raised concerns that HP's new hacking insurance package does not go far enough - and that putting a commercial value on damage caused by hackers might escalate rather than contain the problem. High profile attacks by hackers on Web sites including Yahoo, CNN and e-Bay have convinced HP to launch its own insurance package specifically targeted at damage arising from denial of service attacks. Describing Web site insurance as a "continuous Ping-Pong game" with hackers, Konstantin von Unger, senior vice president of Internet sports information site, Sportal, said; "Once you set up a firewall and try to protect yourself, there are new hackers who develop new programmes who hack back into your site. At that point, it's going to be very difficult for insurance companies like HP to provide cover." Clive Longbottom, analyst with Strategy Partners, said that HP's $2m worth of cover offered for an annual premium of $57,000 was nowhere near enough, particularly for financial organisations. "Denial of service will cost them millions of dollars every minute that they are out of business," he warned. Longbottom was further concerned that it would be problematic for Web site operators to escape liability. "Denial of service is fairly easy to recognise and to put on a price on... but a real hacking attack where somebody breaks through and does something nasty at the back end - how are you going to prove it?" Also up for discussion in this week's Behind the Headlines are the latest developments in the Microsoft antitrust suit, and Silicon.com's evidence to the House of Lords Select Committee on EU Internet legislation. To watch the full Behind the Headlines programme, visit our Systems Security Channel (http://www.silicon.com/a35978 ).