Source: [id: 41018; name: CSO; isActive: true; siteId: 3] -- CSO -- $content.altguid

Interview: An Ethical Hacker Protects the World Cup Network

An information security expert and ethical hacker shares his thoughts on securing the 2006 World Cup network.

By Paul Kerstein

June 27, 2006CSOBy Paul Kerstein

The 2006 World Cup is arguably the most publicized and watched sporting tournament around the globe. The need to secure the information systems for a massive juggernaut of worldwide data networking and access is paramount. CSOonline’s Paul Kerstein recently caught up with Dr. Tom Porter, the mastermind behind the security for the World Cup network and a lifetime hacker himself. This is what he told us about network security, hacking and working on the World Cup network.

CSOonline: What is your background, and why are you called a hacker?

Dr. Tom Porter: I’m a hacker in the more traditional sense. Old-school hackers want to learn how things work and try to take it apart or gain access out of curiosity. Getting into networks and systems is good or bad based on your vantage point. Most traditional hackers do it just to see if they can, but they’re not there to steal information or destroy the integrity of a system.

Can you mention some of your notorious hacks?

Nothing that I’ve done has made public news, and there are some things I’d rather not mention. I did raise the interest of the Defense Department once, but I’ve never been involved in any criminal activity. At one point in my career, I was interested in finding proof of alien life, so I did access the network at China Lake, also known as Area 51 in Roswell, New Mexico.

The World Cup network command center. (Photo courtesy of Avaya)

How does a hacker disclose his or her credentials?

There are two kinds of hackers. Those who do it to impress their friends or become famous, and those that you don’t know about. The really good, and smart, hackers won’t tell you that they are hackers. Many of them are also not very sociable--they keep what they do on the QT, and if they have real credentials or experience, they don’t say anything about it.

How did you start working with Avaya, and what is its relationship with the World Cup?
 
I was working on the Avaya Security Practice a couple of years ago and they asked me if I wanted to work with World Cup network security. As most security executives know, the Internet has become more hostile, and they wanted my expertise. Avaya helped FIFA, EGS and Deutsche Telekom formalize a security strategy for the World Cup to try and perfect security for the current network.

You were hired on as what’s called an "ethical hacker." What is your image at Avaya and the World Cup IT community?

Both Avaya and the people we work with are OK with it. For the last 10 years, I have been working on, and am known for, business information security. I am a firm believer and preach heavily on IT ethics. The folks here trust me very much, but that is a reputation that I’ve earned over time.

RESOURCE CENTER