KEY POINTS:
There's something appropriately cloak-and-dagger about my meeting with IT security veteran Harry Archer.
We rendezvous in the back corner of a bustling Sydney cafe where Archer's patter is fast and his tone slightly hushed. When he wants to speak off-the-record, he glances across the table to ensure my voice recorder really is turned off.
The affable Brit moved to Australia this year to head up UK-based telco BT's transtasman IT security business. While it doesn't run public networks in this part of the world, as it does in Britain, BT has a large base of multinational business clients who need their telco and IT security needs serviced even in far-flung corners of the world such as ours.
Archer's Sydney-based role is a new one focused on servicing the growing security needs of BT's existing Australasian customers, plus attracting new security business.
"There are a lot of BT's international clients who want the same services out here that they get elsewhere," he says.
"On top of that, certainly in the financial world, there are a lot of companies down here that need to take a fresh look at security."
Our discussion turned to one of the newer IT security threats: targeted "Trojan" spying attacks on specific individuals within organisations.
Around the world, criminals have been installing spyware on computers used by key staff working in sensitive sectors such as defence. International media reports have pointed the finger at hackers in China.
"We don't know what it's about. It's intelligence [gathering] and, as far as we know, it's stealing IP [intellectual property]," he says.
Many organisations don't have security IT auditing systems in place, so remain blissfully unaware that their staff are being targeted.
"The sort of Trojans that are being installed on people's computers, you wouldn't even know they're there. They [the hackers] can clean up the computer so you don't even know it's been on your computer," he says.
"Although each component is simple and available on the internet, it's the way they're brought together to do the attacks. That's the sort of area where BT is helping customers."
New Zealand's remoteness certainly doesn't make it immune to such cyber attacks. Last year, our Security Intelligence Service confirmed there had been attempts to hack into government IT systems.
SIS director Warren Tucker appeared to implicate the Chinese military by referring to similar international attacks with apparent Chinese links. China's Government denies the claims.
When talking to security vendor experts like Archer, I'm always wary it's in their interests to sow a little paranoia and alarm - after all if there's no perceived threat they have no one to sell solutions to and go out of business.
However, it's clear many New Zealand organisations are woefully under-equipped when it comes to IT security. Sadly, we probably need to experience a hacking attack that cripples a high-profile organisation in this part of the world before local organisations really sit up and take notice.
