Your browser is no longer supported

For the best possible experience using our website we recommend you upgrade to a newer version or another browser.

Your browser appears to have cookies disabled. For the best experience of this website, please enable cookies in your browser

We'll assume we have your consent to use cookies, for example so you won't need to log in each time you visit our site.
Learn more

Project extranets also at risk from hostile hackers

PROJECT EXTRANETS set up to streamline construction are a prime target for terrorists, leading American security experts warned this week.

Independent security firm Steven R Keller & Associates told N C E that engineers and architects should re-evaluate the need for such 'gratuitous uses of technology'.

Keller has already advised clients worldwide, including most major US museums, to take CAD drawings of their buildings offline. He has also told them to order their architects and engineers to remove files from their computers when buildings are finished.

'In general, people really need to re-evaluate what needs to be accessed online, ' said Keller senior associate Pete Rondeau.

'There really is no need for drawings to be posted on a website 24 hours a day, when the whole world can have access to them within 12.'

Rondeau said user names and passwords did not provide adequate security. 'Any 17 year old - in the US, England or anywhere else around the world - can get past these blocks. The simple fact is, if they can break into Microsoft, then they can break into anything.'

British project extranet providers in the UK defended the claim that their password based security systems were unhackable.

'It is simply not possible to breach our system, ' said BIW Technologies chief executive Colin Smith.

'The whole system is based on the use of passwords, so it is virtually impossible to hack in via the net.'

BIW Technologies extranet system, information channel, operates entirely through a web browser with all information stored on a central server. But end users log on to proxy servers, so even with a stolen password a hacker could only find what the original user could access.

INFOPLUS www. aia. org www. stevekeller. com

Have your say

You must sign in to make a comment

Please remember that the submission of any material is governed by our Terms and Conditions and by submitting material you confirm your agreement to these Terms and Conditions. Please note comments made online may also be published in the print edition of New Civil Engineer. Links may be included in your comments but HTML is not permitted.

Related Jobs