Black box surveillance equipment that the government is to install at ISPs in the UK to catch techno-savvy criminals will be a magnet to computer hackers, according to the chief technical officer of British UK computer consultancy firm Cap Gemini.
Andy Mulholland says that if a black box is being used to collect incriminating information then it will become an obvious destination for shrewd computer criminals. The boxes will be used to spy on email communciations and surfing connected with suspected criminals such as computer hackers.
"If they know that an ISP is collecting data," says Mulholland. "They are perfectly astute enough to target it. This makes it very easy for criminals. They can just hack into the black box."
Mulholland is also a member of the government's Regulatory Impact Board -- set up to assess the overall impact of implementing the RIP Bill. He says that the government's approach to high-tech and online crime is far too generalised.
Another representative of Gap Gemini points out that it would be even simpler for someone to launch a distributed denial of service attack in order to prevent one of these black boxes collecting incriminating data.
"Would organised crime even think twice about bringing down part of BT's network," asks senior consultant for technology management Howard Hughes. He believes that denial of service attacks on UK ISPs will increase.
An expert with Swedish computer security company Defcom, however, says that the security of these boxes will depend largely on how they are configured -- something that the government is yet to explain.
Spencer Pratt says that ideally they would be able to monitor traffic while remaining as distant from the ISP's internal network as possible.
He concedes, however, that security at some ISPs may not always be the most rigid.
"There's always a chance that something has been misconfigured. Most of the things on the Internet that are insecure have been misconfigured," he says.
Take me to Hackers