[ISN] Data security helped Alinghi retain America's Cup

InfoSec News alerts at infosecnews.org
Tue Sep 25 00:17:47 CDT 2007 

http://www.swissinfo.ch/eng/swissinfo.html?siteSect=105&sid=8240183

By Matthew Allen in Zurich
SwissInfo
September 24, 2007

Switzerland's top sailing team Alinghi have revealed elaborate security 
helped prevent a Formula One-style spy scandal that could have upset its 
defence of its title this year.

Alinghi employed Swiss electronic security firm Wisekey to stop vital 
data getting into the wrong hands as the team prepared for the America's 
Cup in Valencia, Spain.

"The America's Cup is a design contest and a technology race. That's the 
way the Cup's always been and we're going to keep it that way," Alinghi 
skipper Brad Butterworth told Yachting World shortly after retaining the 
trophy in July.

Motor sport's premiere racing event Formula One has been rocked by a 
recent spy scandal that saw team McLaren stripped of its constructor's 
points and fined $100 million (SFr117 million) earlier this month.

Alinghi trimmer Nils Frei, a Swiss-born sailor who was part of the 2003 
and 2007 winning teams, outlined the importance of data protection 
during the Security Zone 07 conference held in Zurich last week.

"The basic design of the boats has been the same since 1992 and as they 
have become more similar the little things have become more crucial," he 
told swissinfo.

 
Small talk risk

"We have to be really careful not to give our competitors an advantage 
by seeing our designs. This goes as far as not hoisting a new sail when 
we are practising because we know there will be spies watching us.

"We all spy on other teams when they have their boats out, but I have 
never heard of anything illegal taking place."

But no amount of technical security could protect Alinghi from an 
insider passing on documents and information, as happened with Formula 
One teams McLaren and Ferrari.

Frei believes the biggest danger for honest team members is letting 
information slip by accident.

"The biggest risk is talking to a sailor from another team at a bar. All 
the technology in the world can't protect against a slip of the tongue 
after a few beers," he said.

The challenge of keeping data secure was made more difficult by the 
sheer scale of information being passed between various elements of the 
Alinghi team, partners such as the Swiss Federal Institute of Technology 
in Lausanne, sponsors and supporters.

Wisekey developed a secure identification card with a photograph, 
personal password and a computer chip that limited access to sensitive 
areas of the Alinghi website and data bank as well as physical access to 
the team's camp.

 
CSI bugbear

"Events such as the America's Cup involve enormous investment so there 
would be huge repercussions if sensitive information leaves a secure 
area, as we have seen in other sports," said Kevin Blackman, chief 
technology officer at Geneva-based Wisekey.

The company plans to heighten security levels even further with 
biometric data as Alinghi begins preparations for the next America's 
Cup. The competition among designers will heat up with bigger boats 
expected in 2011.

But sensitivities surrounding the use of people's biometric data, such 
as DNA and fingerprints, are holding back the advancement of security, 
according to Wisekey director Marc Besson.

"Our biggest bugbear is the American television series CSI [Crime Scene 
Investigation]," he told swissinfo. "When people see biometric material 
being used to track down criminals they fear their fingerprint on an ID 
card will be used to incriminate them if they do something wrong.

"However, we only use a partial print for company identification 
purposes that cannot be used by the police."


-=-

 
SECURITY COSTS
 
Phishing, fraudulently obtaining passwords or credit card information 
online, cost American banks and credit card issuers $1.2 billion (SFr1.4 
billion) and UK banks $12 million, according to research.

However other estimates put the cost much lower.

US companies are thought to lose $250 billion in 2004 due to sensitive 
information falling into the wrong hands, according to Wisekey.

Resetting passwords costs a company between $51 and $147 on each 
occasion, the Swiss company said.
 

CONTEXT
 
The Security Zone 07 conference was staged in Zurich on September 19 and 
20 the third time it has been staged.

It brought together industry experts, manufacturers and distributors in 
the field of information security together with representatives from the 
business and science worlds.

The conference presented the latest trends in data security together 
with seminars, workshops and training tips.

Some of the themes covered by the conference included the safety of 
e-commerce, methods to control computer spam and viruses, computer 
hacking and data protection laws.
 
LINKS
 
* Alinghi (http://www.alinghi.com/en/index.php)
* America's Cup (http://www.americascup.com/en/)
* Wisekey (http://www1.wisekey.com/default.aspx)    
* Security Zone 07 (http://www.security-zone.info/)

More information about the ISN mailing list