How To Deal With Hacker Attacks
Colin Crook, based on his own experience, gave advice on how to deal with security attacks.
Crook served as chief technology officer of Citigroup (now Citigroup and Citibank's parent company) 10 years ago.
At that time, a hacker broke into Citigroup's network.
Crook is now a senior adviser to the University of Pennsylvania's "Wharton Fellows" agency, a member of the New York Academy of Sciences, a fellow of the Royal Institute of Engineering and a co-author of The Power of Impossible Thinking.
Last week, he talked about his own experience at the "Converge05" meeting held by ID management company Courion.
He stressed that business officials must be good at listening to other people's opinions and understand that safety is a human problem, not a machine problem.
In his first article, which is divided into two parts, Crook explains how the company survived the data theft.
Question: what happened to Citigroup 10 years ago?
This is a multimillion-dollar bet, which is a great blow to all of us.
We know that the attack came from Eastern Europe, but we do not know whether the attacker is an unskilled hacker or a government agency.
I'm really worried that this attack came from the KGB of the former Soviet Union.
Question: what steps did you take after finding a security attack?
Tsutomu Shimomura came to the company and helped us very well.
He is a white hat (just a hacker).
He helped the federal government arrest the hacker Kevin Mitnick (Kevin Mitnick was imprisoned for five years because of hacker crime, and later became a successful security consultant, author and speaker).
Mitnick once invaded Tsutomu's computer and left a message saying, "I've attacked your computer."
Tsutomu discovered the signal of Mitnick and tracked it to assist the federal government in arresting Mitnick.
There's another interesting thing here.
Tsutomu came to help us confirm what happened.
Our receptionist tried to drive him away.
Tsutomu wore blue satin shorts, a T-shirt full of mathematical equations, a helmet and a pair of roller skates.
The receptionist waved him away and said, "we do not accept anything."
The receptionist thought he was a delivery boy. Finally, he helped us understand that the intruder was an unskilled hacker, not a government agency.
Question: what is the biggest lesson of this incident?
We don't have a safe periphery.
There are modems everywhere.
Our company has 100 million customers and 300 thousand employees, and there may be assailants among them.
This is very scary.
The lesson is that security is a business and economic problem.
Do not consider safety as a security issue.
When the cache management system is broken, we say to our business people: don't think this is a security issue.
Think of this as a business problem.
Security is one of the most complex problems, and everything in business is permeated with security.
Question: you mentioned the danger of too strict a safety system in your Converge05 speech.
Can you expand on that?
All agencies are changing and adapting.
There are few static companies.
In Citibank, every employee has to work two times a year.
Therefore, when you have a static and strict system that does not apply to such changes, you will surely fail.
With the use of hi-tech systems and the adoption of flexible restrictions, some will find ways to attack the system.
Question: when Citibank recently admitted that 3.9 million of its customers lost information, people would certainly recall your experience 10 years ago.
Do you think it is inappropriate for the company to deal with the problem in this case, or is the company doing its best?
You can't flinch from doing nothing and say nothing.
Since all these concerns are related to theft of identity cards, it is not good to rush to success.
We should adopt a more thorough and deliberate approach to this problem.
In this case, we need to take a step backward and look at different ways of thinking.
If we are anxious to succeed, legislators believe that they must legislate.
This gives rise to a recognition that enterprises can not deal with this problem themselves.
Hasty judgment often leads to imperfect solutions.
Question: is there such an atmosphere in enterprises? When a security attack occurs, the enterprise will not be frank about this problem.
When your emergency does not solve the security problem, security is still a tough job.
How can an enterprise solve this problem? When you rely too much on experience, you will stop learning, so you should be able to observe things from different angles.
When we first let a group of CEOs sit in a room, it was a disaster.
Everyone thinks he knows everything.
This is what happens when you mature: your ability to discriminate is weakened, and you lose the ability to perform.
We tell people that they have to take a step back and admit their limitations.
At the same time, you must rely on your own experience.
Experience is valuable. You can't change your experience just like changing certain things.
You must combine experience with new ideas.
Trust is the key.
Enterprises must understand the importance of identifying people's identities.
During a stay in a hotel, I went into the room and the maid cleaning the room was in the room.
She stopped working and asked me to put the key card in the lock.
She wants to confirm whether I am the guest in this room.
This left a deep impression on me.
Enterprises should follow her example.
Xu Qiyun, editor in chief: