Mark Gibbs: Salute the defenders of profit: IT

Atten-shun! General Gibbs here. Right folks, we’re going back into battle shortly, but first a few words about the war.

We know what our job is: we’re defending our networks from virus writers, hackers, dishonest employees, flaky equipment and bug-ridden software.

And it is getting worse. Things that we never thought would be a threat are being turned against us. This spam battle has escalated from a low-level nuisance to a strategic confrontation. The bad guys are rolling out new tactics pretty much every day while we rearrange our defences – the anti-spam filters – because without a real push to shore up the messaging beachhead, the signal-to-noise ratio will plummet until e-mail becomes useless.

But that, soldiers, is not even scratching the surface, because an increasingly significant threat is coming from a largely unexpected source: what the good guys can do to you.

E-commerce has an interesting tendency to change the way business is done, making, for example, constant monitoring of another organization’s Web site data highly desirable. Great for the outfit doing the monitoring but lousy for the monitoree, particularly when many companies are monitoring them simultaneously. The constant access can create a phenomenal drain on resources.

A great example is the “bot” problem that plagues big search engines. For many organizations search engines are key components of their online marketing strategies – the reason being that if they appear in the search results for a specific term that relates to their products, then the chances of someone spending money is vastly improved.

What these organizations care about is not just being on the results list but being first or as close to first as possible. Not high enough? Then they tweak their metatags and keywords and try to get lots of other sites to link to them. Then they go back to the search engines later to check their rank.

The problem is that it’s labour-intensive to check all the search engines repeatedly, so companies started to build “bots” – robots that search on their behalf.

As a result, the search engines experienced scores, then hundreds, of bots accessing them as everyone started to play the game. The search engines consequently started blocking the IP addresses of bots. The bots were re-engineered to behave more human-like so that the search engine people had to start getting really clever with their detection systems so the bots, then…well, you get the idea.

Unlike in the real world, skirmishes that involve network access and resources are to all intents and purposes capable of endless escalation. The only constraints are the intervention of network administrators, the size of the data pipes, the speed of the routers and the power of the processors. Unfortunately, all those factors except your effort grow according to Moore’s Law. Thus we are condemned to endless conflict.

But there is a simple answer: We need more IT people – an army of them. Businesses that intend to be competitive can’t operate with the tiny IT groups most of them have, because the IT people are all that stand between profitable information-driven businesses and money-hemorrhaging chaos.

Battle plans to