Return-Path: <sentto-279987-1392-994334612-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Thu, 05 Jul 2001 05:04:08 -0700 (PDT) Received: (qmail 22510 invoked by uid 510); 5 Jul 2001 11:05:34 -0000 Received: from cj.egroups.com (208.50.144.68) by 204.181.12.215 with SMTP; 5 Jul 2001 11:05:34 -0000 X-eGroups-Return: sentto-279987-1392-994334612-fc=all.net@returns.onelist.com Received: from [10.1.4.52] by cj.egroups.com with NNFMP; 05 Jul 2001 12:03:32 -0000 X-Sender: ellisd@mitre.org X-Apparently-To: iwar@yahoogroups.com Received: (EGP: mail-7_2_0); 5 Jul 2001 12:03:31 -0000 Received: (qmail 44047 invoked from network); 5 Jul 2001 12:00:25 -0000 Received: from unknown (10.1.10.142) by m8.onelist.org with QMQP; 5 Jul 2001 12:00:25 -0000 Received: from unknown (HELO smtpproxy2.mitre.org) (128.29.154.90) by mta3 with SMTP; 5 Jul 2001 12:00:24 -0000 Received: from avsrv2.mitre.org (avsrv2.mitre.org [128.29.154.4]) by smtpproxy2.mitre.org (8.11.3/8.11.3) with ESMTP id f65C0N118188 for <iwar@yahoogroups.com>; Thu, 5 Jul 2001 08:00:23 -0400 (EDT) Received: from MAILHUB2 (mailhub2.mitre.org [129.83.221.18]) by smtpsrv2.mitre.org (8.11.3/8.11.3) with ESMTP id f65C0Ma01303 for <iwar@yahoogroups.com>; Thu, 5 Jul 2001 08:00:22 -0400 (EDT) Received: from dhcp-166-211.mitre.org (128.29.166.211) by mailhub2.mitre.org with SMTP id 7084760; Thu, 05 Jul 2001 08:00:19 -0400 Message-ID: <3B4456D6.F883AE03@mitre.org> Organization: The MITRE Corporation X-Mailer: Mozilla 4.76 [en]C-20010313M (Windows NT 5.0; U) X-Accept-Language: en To: IWAR <iwar@yahoogroups.com> X-eGroups-From: Dan Ellis <ellisd@mitre.org> From: Dan Ellis <ellisd@cs.ucsb.edu> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Thu, 05 Jul 2001 08:00:22 -0400 Reply-To: iwar@yahoogroups.com Subject: [iwar] Critical Mass to wage IW Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit I have heard statements from many in the computer security and information warfare that waging information warfare requires the resources of a nation state. Can anybody explain why a terrorist group, a single security professional, or a small group of "hobbyists" couldn't mount the resources necessary to wage information warfare? Maybe I am alone in believing that a small, trained, coordinated group could pull off at least a significant offensive for a short period of time. What resources are needed in order to wage a significant offensive? I suggest the following resources: 1) training/competency, 2) time, 3) computer software & hardware, 4) a connection to the internet. Computer software and hardware are relatively inexpensive ($1k is more than enough). An internet connection is likewise not an outlandish prerequisite. Time may be a limiting factor: it requires time to build the tools necessary. I suggest that underground tools, in their current state, could not easily be used by just one person to do a lot of damage. I know some of you will want to jump on this argument. But suffice it to say that time is necessary--for target planning and development of tools. I suggest that with 2 hours a day, over the course of a year, a serious hobbyist could produce some very potent tools. The most limiting resource, I suggest, is training or competency. It is true that the more one understands computers the more ways one can find to break them, but it doesn't take much knowledge before several different attacks become apparent. Any person who has graduate from college with a bachelors in computer science/engineering, electrical engineering, information technology is well equiped with the prerequisite knowledge. This is by no means an exhaustive list of potential candidates. (Imagine what one person could do if he created a potent tool and was able to mobilize the standing army of script kiddies to use that tool. Once an attacker learns how to replicate code into effective mobile agents, the script kiddies add nothing.) Are there other resources that are required that I am missing? Are there resources whose prerequisite attributes I have inaccurately chatagerized? --------------------------- Dan Ellis, Ph.D. student www.cs.ucsb.edu/~ellisd (703) 883-5807 ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:36 PDT