E-terrorism threat is 'overstated'

By RICHARD PAMATATAU

Cyber-terrorism is an "overblown threat" and organisations should focus on practical and straightforward security for viruses and information theft.

That was the message from Chris Roberts, manager of the centre for critical infrastructure protection in the Government Communications Security Bureau.

Roberts was speaking last week to the New Zealand Information Security Forum in Auckland.

He said cyber-terrorism was unlikely to have the dramatic effect that terrorists sought.

Many terrorist events were about gaining attention and cyber-terrorism was unlikely to inflict the wide mayhem a terrorist might want, he said.

Shutting down a national power grid, for example, was highly unlikely because so many levels of tolerance were built in and systems controlling them were segmented or working across many areas, he said.

This did not mean organisations should be complacent and security systems should be in place to guard every information system.

If anything, cyber-theft of a user's identity was a bigger issue for companies or organisations, he said. That also paved the way for crimes such as money laundering.

Roberts said in terms of inter-governmental sharing, New Zealand was "more on the receiving end" of sensitive data.

He said New Zealand emails were not scanned by the GSB because it was illegal.