Security threats Toolkit

Playing the computer hacking game

Will Knight ZDNet.co.uk

Published: 26 Apr 2001 14:31 BST

The best way to train computer security experts to react to major incidents such as a hacker break-in or a virus outbreak could be through game playing, according to Winn Schwartau, an authority on cybercrime.

Schwartau, editor of US computer crime Web site Infowar.com and author of books on computer hacking culture including Information Security, CyberShock and Time Based Security believes that "game" simulations provide the best method for testing security consultants under pressure.

"The idea is to get people to deal with a problem when they have a security related event," said Schwartau, speaking from the Infosec security conference in London. "Part of the problem is how things escalate."

Response time has proved an important factor during many real-world security emergencies. Halting the spread of major viruses can depend on coordination and communications as has been demonstrated by the dramatic speed at which viruses such as the LoveBug and Kournikova spread between computer systems worldwide.

At the Infosec conference on Wednesday, Schwartau delivered a keynote speech in which he recommended that security consultant take part in simulated emergency "games". He also invited members of the audience to take part in a game involving a major theoretical hacker break-in. "The mock scenario is designed to make people aware of the difficulties of dealing with a security event," he said.

Take me to ZDNet's InfoSec 2001 Roundup

Take me to the Virus Workshop

Is your handheld really vulnerable to viruses? Alfred Poor tells you how you can measure -- and minimise -- your device's risk of attack. Go to AnchorDesk UK for the news comment.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read what others have said.