Let the Hacking Begin!

The 2010 Winter Olympics may seem far away, but Vancouver officials are wasting no time in evaluating the potential for a terrorist attack. Historically, terrorist attacks were based on violent, disruptive tactics. However, 21st-century terrorists are using their technical savvy to stir up havoc.

That has officials (and hopefully the area’s retail community) questioning the vulnerability of the city’s wireless Internet system—and rightfully so.

Wireless airways have become a haven for hackers, mainly because they are readily available to anyone possessing a wireless handheld device or laptop computer outfitted with a WiFi card. While most users are harmlessly accessing wireless networks to check e-mails or surf the Web, there is a strong constituency of wrongdoers that could use a network to create devastation.

Clearly, crippling viruses are cause for alarm. However, they are only the tip of the iceberg. There is much higher trepidation that hackers could use networks to actually “open a dam and flood a town,” according to network security specialist O.J. Jonasson. “A concerted terrorist effort is a real concern,” he added.

That said, it is time for retailers to review and tighten contingency preparations surrounding their own internal networks.

Most companies are adding emergency plans to their daily business operations. These include collaborating with federal and public government agencies; working with vendors and suppliers to ensure product traceability; and backing up planning procedures, IT and communications systems in offsite locations.

Unfortunately, many companies may be forgetting about securing internal networks. The good news is this is easy to remedy.

Monthly or weekly tests surrounding internal and external encryption, firewalls and virtual private networking could make all the difference between thwarting a hack, or falling victim to one. But contingency plans need to go deeper.

An easy first step is for retailers to conduct analyses that might reveal vulnerabilities across critical pathways or weaknesses within their company’s entire infrastructure. The next logical step is to install intrusion-detection software on servers. And, of course, working with telecommunications vendors to stay abreast of software updates and patches is a must.

Yet, too many companies fail to see the big picture, and not enough telecommunications networks are being safeguarded against all types of security breaches. The question is why?

If my recent conversations and research revealed anything, the answer always seems to stem back to cost. Precautionary efforts are time-consuming and laborintensive, and both of these factors eat away at operating dollars.

For me, these precautions are no different than paying a monthly car, home, health or life-insurance premium. Companies, like individuals, need to protect their assets. If an unfortunate catastrophe occurs, a positive return on investment lies in their ability to foil an attack.

If retailers want to avoid any potential problems, they should take a lesson from Vancouver officials and get into the evil mind-set of today’s terrorists. It is this thinking that will reveal networking vulnerabilities, and make chains more effective at helping to thwart catastrophic attacks.