[iwar] [fc:Bracing.for.cyberwar]

From: Fred Cohen (fc@all.net)
Date: 2001-10-04 20:22:45
Next message: Fred Cohen: "[iwar] [fc:bin.Laden's.bank.accounts.hacked]"
Previous message: Fred Cohen: "[iwar] [fc:A.Battle-Ready.Net?]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <200110050322.UAA02830@big.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Precedence: bulk
Date: Thu, 4 Oct 2001 20:22:45 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] [fc:Bracing.for.cyberwar]
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Bracing for cyberwar
Jovi Tanada Yam

Copyright 2001 BusinessWorld Publishing Corporation
BusinessWorld

Launching an attack in cyberspace is as easy as pressing the Enter key.

After the Sept.  11, 2001 terrorist attacks on the World Trade Center
and the Pentagon, many corporations are taking big steps to protect
their computer networks.  In addition to a possible biological or
chemical warfare, they fear that another form of terrorism may be
launched in cyberspace. 

Cyber-terrorism often follows closely on the heels of international
conflicts.  While the United States has about 40% of the world's
computers, the threat of cyber-terrorism is global.  Some examples
follow:

* After the April 1, 2001 collision between a Chinese jet fighter and a
US surveillance plane, there were thousands of defacements of US
websites;

* During the Gulf War, Dutch hackers stole information about US troop
movements from US Defense Department computers and tried to sell it to
the Iraqis, who thought it was a hoax and turned it down;

* In March 1997, a 15-year-old Croatian youth penetrated computers at a
US Air Force base in Guam; and

* In 1997 and 1998, an Israeli youth calling himself "The Analyzer"
allegedly hacked into Pentagon computers with help from California
teenagers.  Ehud Tenebaum, 20, was charged in Jerusalem in February 1999
with conspiracy and harming computer systems. 

In a July 3, 2000 interview, Richard Clarke, national coordinator for
security, infrastructure protection and counter-terrorism at the US
National Security Council, said that a devastating surprise attack,
sometimes referred to as an "electronic Pearl Harbor," was inevitable. 

Of particular concern to the National Security Council is the Pentagon,
the military stronghold of the world's most powerful nation.  "It's the
Holy Grail of hackers," says computer security expert Rob Clyde.  "It's
about bragging rights for individuals and people with weird agendas."

The US Defense Department acknowledges that there are about 60 and 80
attacks a day on the Pentagon's systems. 

The unspoken fear at the back of most people's minds is that if somebody
wanted to launch a global cyber-attack, it would be as easy as a walk in
the park. 

"A lot of people are concerned about cyber-terrorism since the attacks,"
said Joel Pogar, an information security expert.  "Electronic attacks
are even easier to do because you don't have to do them on US soil.  The
Internet and electronic communications are a lot more vulnerable.  You
don't need a plane to attack an Internet connection."

Vulnerability of the information infrastructure stems in large part to
the deregulation of the telephone and power industries: To stay
competitive and cut costs, companies have reduced spare capacity,
leaving them more vulnerable to outages and disruptions in service. 

Another flaw is the domination of the telecommunications system by phone
companies and Internet service providers (ISPs) that do not trust each
other.  As a result, the systems do not mesh seamlessly and are
vulnerable to failures and disruptions. 

Moreover, a lot of Internet users are not security-conscious. 

"There is a saying that the amount of 'clue' (knowledge) on the Internet
is constant, but the size of the Internet is growing exponentially. 
There are a lot of clueless people out there.  It's basically a
situation where people don't know how to lock the door before walking
out, so more and more machines are vulnerable," noted Fred Schneider, a
professor of computer science at Cornell University. 

Meanwhile, the tools of mayhem are readily available. 

There are about 30,000 hacker-oriented sites on the Internet, bringing
hacking - and terrorism - within the reach of even the technically
challenged. 

"You no longer have to have knowledge, you just have to have the time,"
says Rob Clyde, a computer security expert. 

"You just download the tools and the programs.  It's the democratization
of hacking.  And with these programs ...  they can click on a button and
send bombs to your network, and the systems will go down."

While cyber-attacks are easy to launch, their origins are difficult to
trace. 

Indeed, tracing cyber-attacks is like tracking vapor.  Said Schneider,
"There are lots of opportunities for cyber-terrorism.  That's very, very
scary."

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Pinpoint the right security solution for your company- Learn how to add 128- bit encryption and to authenticate your web site with VeriSign's FREE guide!
http://us.click.yahoo.com/yQix2C/33_CAA/yigFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Next message: Fred Cohen: "[iwar] [fc:bin.Laden's.bank.accounts.hacked]"
Previous message: Fred Cohen: "[iwar] [fc:A.Battle-Ready.Net?]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:54 PST