The Loyolite 2003 - May 2003

Big Brother is Watching

People tell me infotech is not an exciting career option. But, at his workplace, my brother is a Sherlock Holmes.

By ASHOK R CHANDRAN

At his workplace, my brother fights dangerous cults. He does things Sherlock Holmes and Hercule Poirot did. And people tell me infotech is not an exciting career option.

Like his 1989 batchmates at Loyola, Binu M Thomas and Nanda Kumar T V, my brother Roshen is an Internet security consultant at Paladion Networks. They protect computer networks from attacks by criminals roaming the Internet.

When computer viruses and worms strike terror, security experts limit the havoc. I teased Roshen that it sounded like policemen in movies - rushing in after damage had been done. "We rarely step in after an attack," he clarified. "We plug loopholes in a network before an attack, and prevent damage."

But it must be more exciting to fight hackers - cults of programmers, frustrated individuals, and criminals -- who deface websites, steal credit card numbers, defraud banks, and download corporate secrets.

Though Roshen won't admit it, I believe hackers are always a step ahead. "Have you ever traced a hacker or recovered the loot?" I challenged him one day. It is difficult if the security system does not exist, he began. And told me about the guy who broke into an ex-employer's computer network that had been secured by Paladion. They traced him and informed the police.

At times, Roshen and friends pre-empt attacks by learning from Holmes and Poirot. Detectives try to identify the crime pattern of a criminal, and then cops nab him before he strikes again. Similarly, security experts try to predict a hacker's move in cyberspace by setting up a 'honeypot' - a virtual network of computers to trap and study hackers' habits. As part of Honeynet, an international research project, Roshen and friends have a honeypot in their Mumbai lab. Once, they tracked Romanian hackers even while an attack was on.

Being a security consultant comes with responsibilities. You must be honest and trustworthy. While testing the security of a firm's computer network, you may uncover confidential information. Security specialists have a code of ethics that they imbibe during training.

I remember asking Roshen why the names of clients were not on his company's website. "Publicising a client's network as 'safe' will make it vulnerable," he replied, "and will provoke hackers to attack." At home, we joke that he has become more secretive since then. Recently we asked him whether he was working on projects for the Defence Ministry. He said, "Even if I am, I won't tell you." That scared my mother.

And people tell me IT is not exciting.


RELATED LINKS
Paladion Networks
More articles by the author
Contact the author

Copyright © 2003 Ashok R Chandran