Return-Path: <sentto-279987-2088-1000951192-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Wed, 19 Sep 2001 19:01:12 -0700 (PDT) Received: (qmail 25613 invoked by uid 510); 20 Sep 2001 02:00:15 -0000 Received: from n2.groups.yahoo.com (216.115.96.52) by 204.181.12.215 with SMTP; 20 Sep 2001 02:00:15 -0000 X-eGroups-Return: sentto-279987-2088-1000951192-fc=all.net@returns.onelist.com Received: from [10.1.1.223] by hi.egroups.com with NNFMP; 20 Sep 2001 01:59:52 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_3_2_2); 20 Sep 2001 01:59:51 -0000 Received: (qmail 7626 invoked from network); 20 Sep 2001 01:59:51 -0000 Received: from unknown (10.1.10.26) by 10.1.1.223 with QMQP; 20 Sep 2001 01:59:51 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta1 with SMTP; 20 Sep 2001 01:59:51 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id SAA09836 for iwar@onelist.com; Wed, 19 Sep 2001 18:59:51 -0700 Message-Id: <200109200159.SAA09836@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 19 Sep 2001 18:59:51 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Can.Cyber-Intelligence.Prevent.Real-World.Terrorism?] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Can Cyber-Intelligence Prevent Real-World Terrorism? By Robyn Weisman www.NewsFactor.com, 9/19/01 <a href="http://www.ecommercetimes.com/perl/story/13618.html">http://www.ecommercetimes.com/perl/story/13618.html> After the tragic events of last week, many in the intelligence community see a pressing need to make better use of so-called cyber-intelligence to track down enemy activity before future attacks can occur. However, no one has suggested that any combination of traditional intelligence and cyber-intelligence gathering can completely eliminate terrorist attacks. Ryan Russell, an incident analyst for SecurityFocus.com, told NewsFactor Network that as long as there are individuals who are willing to act with no regard for their own lives, there will always be terror attacks. "When someone talks about preventing future attacks, they're talking about scale," Russell told NewsFactor. "The goal is really preventing another attack of this scale from taking place again." Russell noted that the use of passenger jets as bombs may no longer be a viable option for terrorists, due to newly implemented security measures. However, plenty of other methods, such as the use of nerve gas and poison, still have the power to wreak devastation. Next Best Thing Russell said that although one can't stop a terrorist acting alone from performing such an act, the next best thing would be to detect and prevent a group from organizing an attack like last week's coordinated hijackings and suicide bombings. "Many people think -- and I tend to agree -- that coordinating such an attack requires the use of some electronics communications network such as the Internet," Russell said. "One obvious possibility is monitoring these networks for items that would seem to relate." But the problem intelligence gatherers face, said Russell, is determining which, of the terabytes of traffic being monitored, relates to a terrorist organization planning an attack. "Given current topics of conversation, how many e-mails don't contain [the words] terrorist, bomb, plane, or World Trade Center today?" Russell said. Difficult Targets Moreover, said Russell, any group of terrorists capable of coordinating an attack like that of September 11th would be careful with their online communications, and would try to thwart investigators by using strong encryption methods and being vague in their discussions. Consequently, "the intelligence community already has to have a set of targets in mind before [online] monitoring will do any good," Russell said. "Technology can help monitor activities once a suspect has been identified, but I don't think it will be terribly effective in identifying them in the first place." DARPA's Genoa Although such intelligence-sharing technology as the Federal Bureau of Investigation's (FBI) controversial e-mail monitoring system DCS1000 (formerly "Carnivore") raises doubts about its effectiveness, branches of the U.S. military are developing more sophisticated tools that will bypass some of the pitfalls of Carnivore and similar applications. Perhaps the most promising is the Defense Advanced Research Projects Agency's (DARPA) Genoa Project. According to sources, DARPA's Genoa employs a combination of a cutting-edge search engine, sophisticated information harvesting programs, and P2P computing methods. Although Genoa is still in an experimental stage, former Reagan cabinet member John Poindexter told government IT publication Federal Computer Week that it is evident that White House crisis management efforts require the use of integrated automation tools, such as those promised by Genoa. Real-World Dangers SecurityFocus analyst Russell asserted that for now, real-world attacks still wreak greater devastation than anything that can be perpetrated in the online world. But as industrialized countries move toward near-total dependence on the networked world, online attacks may prove to be more destructive. "Four coordinated plane crashes? Forget it. The "uber-hacker" can take out 1,000 Web sites simultaneously," Russell said. "Which one causes the greater chaos? Today, the planes. In 10 years, I don't know." ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:45 PDT