Four out of five Web sites fail cyberattack test

A survey of three million Web sites has found that four out of five are vulnerable to attack -- Australian banks among them

Out of three million Web sites tested worldwide, 80 percent have been given the thumbs down when it comes to security vulnerability, exposing a large number of organisations and governments to hackers, criminals and vandals.

The study, by Unisys Australia's IT Security Consulting Services, randomly tested three million .com, .net, and .au domains for security holes, and found 80 percent of Web sites transacting on the Internet open to damage and theft as the correct technology is not in place.

The study further revealed that Australian banks were among the Web sites most open to online attack.

On a global scale, Visa and Mastercard credit card fraud will increase from AU$2.8bn (£1bn) to AU$5.6bn (£2bn) by 2002.

According to Unisys Australia's architecture director, Ajoy Ghosh, the .au space also reflected 80 percent of those sites, which did not have the correct security in place.

Furthermore, over 90 percent of .edu Web sites are exposed to "cyberterrorism".

According to Australia's Computer Society Institute, one in every three intrusions occurs when a firewall is in place. Ajoy says organisations need to implement the appropriate technology, as firewalls alone are not going to protect a site from being attacked.

One of the problems is the technologists are driving business decisions to adapt inappropriate protections, leading to huge dollars being spent on the wrong technology.

"Technologists exploit the fear of cyberspace. Such as PKI, companies are putting it on their systems for the sake of it," he said.

Recent research by Gartner analysts revealed only 25 percent of companies in Australia will achieve full compliance of their security policies by 2001.

Ajoy said: "if you manage IT security appropriately, you can do all the things you always wanted to do on the Internet -- but were previously too scared to."

Is your PC safe? Find out at the Hackers News Special.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read other letters.