Hong Kong systems administrators were warned yesterday to implement stronger security measures and prepare for a new generation of viruses and automated hacking tools.
A United States-based hacker known as Rain Forest Puppy, or RFP, was speaking yesterday on the final day of Hack 2002, a security conference held at the Hong Kong Convention Centre.
He demonstrated in about half an hour how he used a Web browser to hack into a corporate Web site. For the demonstration, he used software employed by a US medical college to allow patients to access their own records over the Internet, although the site he hacked was one built specifically for the demonstration.
The key to averting such attacks was to devote more time to preventive measures, preferably before vulnerabilities are publicised by researchers or vendors, he said.
'From the most secure thing on the Internet to complete trash, it can happen overnight. Overly paranoid security configurations can actually help you more than patches,' he said.
His suggestions include reducing the amount of information put into Web page headers and error messages.