[iwar] Historical posting

From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com
Mon, Jan 1, 1999

Messages sorted by: [ date ][ subject ][ author ][ recipient ]
Next message: From: Fred Cohen To: "[iwar] Historical posting"
Previous message: From: Fred Cohen To: "[iwar] Historical posting"

fc  Mon Jan 1, 1999
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700
To: iwar@onelist.com
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe: 
Date: Mon, Jan 1, 1999
From: Fred Cohen 
Reply-To: iwar@egroups.com
Subject: [iwar] Historical posting

             At 09:17 PM 10/16/1999 -0700, Fred Cohen wrote:
>I think that the bombing of information infrastructures with the goal of
>inducing fear in the general public would constitute cyber-terrorism.
>
>In general, I would count anything as cyber-terrorism if it was intended
>to induce fear in the citizenry and was directed at or through some set
>of information systems.

So, is it rail-terrorism if they blow up the Chessie System?  Is it
cyber-terrorism, or rail-terrorism (or petro-terrorism) if they blow up the
switching center computer that results in Chessie rail cars unable to get
the fuel tanker cars to the refinery?

A question to prepend to yours: what, exactly, terrifies?  TWA 800 produced
several hundred deaths; DC's on track to produce more deaths this year from
drug-related violence.  Unbiased observers would be far less terrified by
air crashes (among the safest mode of travel) than heart disease.  Scratch
the "what is terror?" question, and you start scraping up a variety of
agendas; NB that TWA 800, which turned out to be an apparent mechanical
failure, produced a couple of pieces of rather civil-liberty-repressive
legislation, tightening surveillance of citizens.

I think the more interesting futures for "cyber-terrorism" would revolve
around the potential to induce widespread panic, or disruptive political
change, as a consequence of a loss of trust in fundamental, IT-dependent
systems.  If, for example, all credit card clearing functions were first
corrupted (so everyone's accounts were recorded as off, by a few, or a few
thousand, bucks) and then disrupted (so there was no clear understanding as
to when and how commerce might be possible), well then, maybe.

What happens January 1 should be somewhat instructive, especially re how
affected communities respond socially, and to whom or what they look for
reassurance (and whom all they sue once it's over... I suspect that one
could do a great business just coaching attorneys how to recast themselves
as Y2K-consequence litigators).

As to why there's not more cyber-terrorism... probably mostly for the same
reasons there's not more terrorism: most terrorists get caught, most
governments would happily collaborate with others to jointly make the world
more stable (do *we*, of the NYSE and NASDAQ, want to see political crisis
in Beijing? heck no!), small groups can only wreak so much havoc, and large
groups grow quickly vulnerable to compromise and infiltration.

Ross

___________________________________________________________________
Ross Stapleton-Gray                   Sandstorm Enterprises, Inc.
rsgray@s...                  2503 Columbia Pike, Suite 118
                                      Arlington VA 22204
http://www.sandstorm.net/             +1 703 685-5197 / 5257 fax

Next message: From: Fred Cohen To: "[iwar] Historical posting"
Previous message: From: Fred Cohen To: "[iwar] Historical posting"