[iwar] more news
From: Fred Cohen
To: Information Warfare Mailing List
From: fc@all.net
To: iwar@onelist.com
Thu, 4 Jan 2001 21:03:05 -0800 (PST)
fc Thu Jan 4 21:04:08 2001
Received: from 207.222.214.225
by localhost with POP3 (fetchmail-5.1.0)
for fc@localhost (single-drop); Thu, 04 Jan 2001 21:04:08 -0800 (PST)
Received: by multi33.netcomi.com for fc
(with Netcom Interactive pop3d (v1.21.1 1998/05/07) Fri Jan 5 05:00:00 2001)
X-From_: fc@all.net Thu Jan 4 22:59:11 2001
Received: from hi.egroups.com (hi.egroups.com [208.50.99.211]) by multi33.netcomi.com (8.8.5/8.7.4) with SMTP id WAA14076 for ; Thu, 4 Jan 2001 22:59:05 -0600
X-eGroups-Return: sentto-279987-883-978670986-fc=all.net@returns.onelist.com
Received: from [10.1.4.55] by hi.egroups.com with NNFMP; 05 Jan 2001 05:03:12 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-6_3_1_3); 5 Jan 2001 05:03:06 -0000
Received: (qmail 1600 invoked from network); 5 Jan 2001 05:03:05 -0000
Received: from unknown (10.1.10.142) by l9.egroups.com with QMQP; 5 Jan 2001 05:03:05 -0000
Received: from unknown (HELO all.net) (65.0.156.78) by mta3 with SMTP; 5 Jan 2001 06:04:10 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id VAA23799 for iwar@onelist.com; Thu, 4 Jan 2001 21:03:05 -0800
Message-Id: <200101050503.VAA23799@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe:
Date: Thu, 4 Jan 2001 21:03:05 -0800 (PST)
Reply-To: iwar@egroups.com
Subject: [iwar] more news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
National Security Threatened by Internet, Studies Say;
Experts warn that terrorists, other nations are busy preparing for=
cyberwarfare
Dan Verton - Copyright 2001 Computerworld, Inc. January 1, 2001
During the next 15 years, the U.S. will face a new breed of=
Internet-enabled terrorists, criminals and nation/state adversaries that=
will launch attacks not with planes and tanks, but with computer viruses=
and logic bombs, according to two reports released last month.Although the=
68-page report by the CIA's National Intelligence Council (NIC) mentioned=
critical electronic infrastructure protection and information warfare only=
briefly, it warned Americans that adversaries around the world are hard at=
work developing tools to bring down the U.S.'s private sector=
infrastructure.
Many countries already have programs to develop such technologies and=
"could develop such capabilities over the next decade and beyond,"=
according to the NIC study.
A report by the Washington-based Center for Strategic and International=
Studies (CSIS) went even further, warning of a future cyberarms race and=
the rise of terrorist groups supported by "computer-literate youngsters"=
bent on disrupting the Internet.
"The U.S., Russia, China, France and Israel are developing cyberarsenals=
and the means to wage all-out cyberwarfare," the CSIS study said.
China is of particular concern, said experts, because it's devising=
strategies for unrestricted electronic warfare. Officials said critical=
infrastructures in the U.S. could be targeted in the future as revenge for=
incidents like the 1999 accidental bombing of the Chinese embassy in=
Serbia.
"They suggest having every person in China send one e-mail to [an address]=
of interest in the U.S. or use hacker tools easily available on the=
Internet to support a mass[denial-of-service] attack," said John Shissler,=
a former military intelligence officer.
Online extortion and falsification of shipping manifests by criminals, and=
attempts by countries to use hacking techniques to evade trade sanctions=
are a rising concern, said Jeffrey Hunker, senior director for critical=
infrastructure protection at the White House.
Hunker said officials are also becoming increasingly concerned with the=
proliferation of "always-on" Internet appliances, such as modems and=
network printers. Hackers are finding ways to penetrate these devices and=
possibly use them as launching pads for more devastating distributed=
denial-of-service attacks, he said.
Last year, a hacker cracked into a printer at the Navy's Space and Naval=
Warfare Center and rerouted a potentially sensitive document to a server=
in Russia.
Stephen Northcut, director of the Global Incident Analysis Center at the=
SANS Institute in Bethesda, Md., said that in one day recently, his cable=
modem-equipped laptop received 54 probes, two of which penetrated his=
personal firewall. "Our systems come to us hackable," said Northcut. "It's=
a feature."
Winn Schwartau, founder of security consultancy Interpact Inc. in Seminole,=
Fla., said the real threat comes from the design of the U.S.=
infrastructure and the people who run it.
"We built these systems and our business models on the assumption that=
things will always work," said Schwartau. If a major attack is made on the=
infrastructure, "it's going to happen from the inside," he said.
Tim Atkin, a member of the National Partnership for Critical Infrastructure=
Security and director of critical infrastructure protection at consulting=
firm SRA International Inc. in Fairfax, Va., said the reports hold a=
"powerful message" for the national cybersecurity effort. He added,=
however, that future preparedness will be determined by how much emphasis=
companies and the government place on fixing known vulnerabilities,=
training and education and enforcing good security policies.
Dan Morrison, a partner in the risk consulting group at Arthur Andersen LLP=
in Ottawa, said although the threat of terrorists groups attacking the=
infrastructure is real, a word of caution is needed. "It's scary, but it's=
really hard to bring down the Internet."
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*new subscribers =3D=3D> http://techPolice.com
------------------
http://all.net/