Computer viruses and worms wreaked more havoc and caused more damage in 2003 than ever before, according to security experts.This content was published on January 11, 2004 - 12:02
swissinfo spoke to Urs Gattiker, a Swiss expert on internet security, about efforts to prevent similar attacks in the future.
Gattiker, who is professor of management and information science at the International School of New Media (ISNM) at the University of Lübeck in Germany, has written a number of books on information security.
He is also involved in CASES - an organisation of European governments that seeks to raise public awareness about information security – and is chairman of the European Institute for Computer Anti-Virus Research (EICAR).
swissinfo: What is your main field of competence?
Urs Gattiker: Information and security. I am not interested in computers that work “normally”. I am interested in what happens when a spam mail blocks my email account or when a nasty code gets into my computer.
swissinfo: Can you tell us a little bit more about the work you do for CASES?
U.G.: CASES stands for Cyberworld Awareness and Security Enhancement Structure, an international initiative to work together in this area for the benefit of the public… CASES is concerned with the use of the internet and e-government. We also look into other areas, such as the digitalisation of health data, where problems with data protection could arise.
Everybody should be able to benefit from information technology, but most people don’t really want to know too much about the ins and outs of security issues – they just want the technology to work.
swissinfo: But does the technology always work?
U.G.: Unfortunately not, but that is exactly the reason why CASES was set up. And CASES is financed by public institutions, which means the service is freely available to all citizens.
Let’s take the “Sober10” worm, for example, which appeared recently. It did a lot of damage to many computers all over the world. After it was detected the press was very quick to ask which manufacturer reacted most promptly.
In fact it is not about the manufacturer but about the anti-virus software, which should have detected the worm… It is not about warnings as most of the time they come too late anyway.
swissinfo: You’re fighting viruses on a scientific level. What legislative measures need to be taken to fight against viruses and their creators?
U.G.: I don’t think we need specific legislation. Countries like Italy, Germany and Britain have all tried to come up with new laws against hacking and viruses.
But Switzerland has actually handled it very well by saying that it’s all down to authorised and non-authorised use of information technology. So whoever is not authorised is going against the law and that’s actually [the only legislation] we need.
swissinfo: More broadly, what can Switzerland learn in the field of communication technology?
U.G.: The Federal Communications Office (Ofcom) could learn a few things from Denmark about how a market can be regulated effectively.
In Denmark, for example, telecommunication companies compete fiercely and some of them have had to learn the hard way, as profits are often lower than expected. But the consumers have benefited from the competition.
swissinfo: What exactly is better in Denmark?
U.G.: Ofcom’s website doesn’t have [much useful] information for customers, whereas its Danish counterpart, for instance, compares telephone rates. It tells me which provider is best suited to my needs.
As the Danish government regulates this price comparison, every supplier has to provide the right data and everybody has a chance to offer their services or products at reasonable prices. I don’t think this is the case in Switzerland but it works in Denmark and Sweden as they have clear rules. This is also important for the interne, where Switzerland could also do more.
swissinfo: Many people feel they are observed or spied upon although they don’t use a computer. Do they have a reason?
U.G.: I think people have to understand that data protection is getting more difficult and that a sort of erosion is taking place. We don’t have to be paranoid or afraid. But more and more data, such as medical, financial or fiscal information, is being recorded nowadays and it could end up in the wrong hands.
We have to be aware of this, but I am convinced that we can only change the situation if people fight for their rights and make sure their data is handled correctly. I think there is still a lot to be done.
swissinfo-interview: Etienne Strebel
Gattiker has taught in Denmark, Australia, Canada and the United States.
Gattiker, who is Swiss, works in Germany, lives in Denmark and considers himself a globetrotter.
He has written books on information security, and is involved with European agencies including CASES, which is concerned with data protection and e-government.
In compliance with the JTI standards