[iwar] [fc:America's.computer.databases.and.satellite.navigation.systems.are.vulnerable]

From: Fred Cohen (fc@all.net)
Date: 2001-10-05 20:11:17


Fear Along The Firewall; America's computer databases and satellite navigation systems are vulnerable to attack.
By Richard Behar, Fortune, 10/5/2001
www.fortune.com

One of the first moves in America's new war on terrorism took place
Sept. 5, six days before the attacks on the World Trade Center and the
Pentagon. The target: a Richardson, Texas, company called InfoCom that
hosts Arabic Websites. An 80-man terrorism task force launched a
three-day raid, crashing 500 Internet sites, freezing bank accounts, and
copying information from the company's hard drives.

While government officials aren't saying whether the Texas raid and the
attacks on New York and Washington intersect, the Feds have become
increasingly worried about terrorism's links to the computer world.
After the Sept. 11 attacks, Defense Secretary Donald Rumsfeld included
cyberterrorism among the potential threats that "are front and center to
us," and the Justice Department proposed legislation giving it the power
to prosecute computer crimes as acts of terrorism. Computer-security
experts say the country's technostructure is vulnerable to attacks that
could cripple corporate America, cause billions of dollars in business
losses, and disable the global positioning satellite (GPS) system,
potentially wreaking havoc in the skies. "The most devastating scenarios
we look at today that are not chemical, biological, or radiological tend
to be cyber-attacks," says Neil Livingstone, CEO of GlobalOptions, a
risk-management firm that employs many FBI and Navy SEALs veterans. "You
can have a greater impact using fewer resources, and you have a greater
certainty of not being apprehended."

InfoCom, the target of the Texas raid, describes itself as a
full-service communications company offering videoconferencing,
voice-mail systems, Web hosting, and encrypted e-mail. The firm's
Website, which features photos of a smiling blonde Caucasian woman, an
African American, and an Asian, says little about the firm's ties to
radical Arab groups. But among the Websites that InfoCom hosts is that
of Al-Jazeera TV, accused of whipping up militant Islamic sentiment from
its base in the Gulf state of Qatar. FORTUNE obtained a list of the 68
domain names that InfoCom is offering for sale, all of which have Arabic
or Islamic themes, including "jerusalempalestine.com,"
"islamicfund.org," and "ilovepalestine.net."

Promoting a Palestinian state or hosting a radical Website isn't
evidence of backing terrorism. But the U.S. is alleging that InfoCom
illegally sold computer technology to Libya and Syria. Moreover, the
brother of InfoCom's Palestinian-American owner and CEO, Bayan Elashi,
runs the Holy Land Foundation across the street in addition to heading
InfoCom's marketing operations. And Elashi's cousin, who is married to a
Hamas official named Mousa Abu Marzook, invested in and receives a
monthly annuity from InfoCom. Marzook spent 18 months in a New York jail
before being deported to Jordan in 1997. Among other things, the feds
want to know whether money has been funneled through InfoCom to the
Hamas group or to Osama bin Laden's network. Both InfoCom and Holy Land
deny any ties to terrorist activities.

Law enforcement sources say the World Trade Center hijackers were
computer literate in ways that went far beyond the purchase of online
airplane tickets. The CIA said earlier this year that bin Laden's
operatives use encrypted e-mail to communicate, and one source close to
the investigation of last month's terror attacks tells FORTUNE the
hijackers did as well. "I guarantee you that this investigation is going
to prove that some corporate or government agency networks were used by
these guys to facilitate this attack," says Tom Talleur, one of the
country's leading cyber-crime and infrastructure-defense experts, who
left his post as NASA's top cybercop in 1999 to run the forensic
technology unit of KPMG. "I'm sorry it took so many Americans to die to
get to this point. One of the reasons I retired after 31 years in
federal law enforcement is that I became convinced that the government
was not going to do what it would take to fix this problem. And private
sector companies don't see how their networks are related to the
infrastructure defense of our country. Maybe now they'll wake up."

What should corporations be doing now to protect themselves? "The same
thing they should have been doing all along," says Howard Schmidt,
Microsoft's top information-security executive and an Army Reserve
special agent who has been called to Washington to assist in the war on
terrorism. Schmidt suggests that computer users strengthen their
passwords, stop taping them under keyboards, and keep up with anti-virus
software. "Corporations must practice good corporate hygiene because we
are all interconnected," he says. "It is incumbent upon us all to raise
the bar, whether you are a multibillion-dollar international company or
a mom-and-pop selling blackberry jam."

For one thing, mom-and-pops that engage in e-commerce can have their
customers' credit card numbers stolen by a hacker. "New identities can
then be created, and you can see how this thing can snowball," Schmidt
says. Fake credentials themselves can easily be bought over the
Internet. Last year agents from the General Accounting Office bought
bogus law-enforcement badges from a Website and boasted a 100% success
rate in gaining entry to 19 federal buildings and two commercial
airports. After displaying their fake IDs at the airports, the agents
were issued law-enforcement boarding passes and waved around the metal
detectors.

Large corporations are also vulnerable. If terrorists can turn airplanes
into flying bombs to attack two of America's most powerful symbols, they
can just as easily go after the electronic arteries of the capitalist
system. The tricks are known to hackers all over the world: Viruses and
worms and Trojan horses can bring down empires of data. "Sniffers" can
be used to capture packets of information; bandwidth can be hijacked to
launch disinformation campaigns; messages can be hidden in pixels inside
photographs.

Cyber-security is linked to physical security. "A lot of Silicon Valley
firms we've audited have great firewalls and no security downstairs,"
says Livingstone. "Anybody can walk in and sit at a computer."
Cyber-criminals often use a weak company's network to launch attacks on
stronger ones. That's why, warns KPMG's Talleur, "the key message for
American business is that, unless you protect your domain and vigorously
pursue intrusions, you could be the next accessory in a World Trade
Center-type attack."

Since the Sept. 11 catastrophe, the FBI has been urging corporations to
ratchet up their computer security, even as a new GAO report faults the
U.S. government for "slow progress" in patching its own cyber-holes.
Indeed, just two months ago the GAO blasted the effectiveness of the
FBI's Infrastructure Protection Center (IPC). The agency's director
agreed, complaining that he needed more funding.

President Clinton formed the IPC in 1998, adding yet another layer to an
already fragmented bureaucracy. As the GAO reported earlier this year,
with no single entity accountable, the development of a national
strategy has been difficult. Turf fights among federal agencies,
political parties, and the military have only complicated matters.

One bright sign: Microsoft's Schmidt heads the four-year-old Information
Systems Security Association, whose FORTUNE 500 members have been
sharing cyber-security information with rival firms in their industries.
After Sept. 11, they agreed to share data on a "real-time basis" with
other industries, says Schmidt.

One of Livingstone's concerns is the billions of dollars spent for Y2K
computer work, some of which was done, he maintains, by obscure
contractors from Third World countries, including Pakistan and Egypt.
"We believe some of these were operated by foreign intelligence
services, including the Iraqis, and that they were putting in trap
doors. A major communications company found a virus set to explode in
2013. There may be viruses and worms in our system that have been set up
to coincide with terrorist attacks."

Computer security is definitely a disaster at the Federal Aviation
Administration. A GAO report last year concluded that "serious and
pervasive problems" in the agency's computer network have left it
vulnerable to "undue exposure to intrusions and malicious attacks" that
put passengers at risk. In July, former FAA Administrator Langhorne Bond
gave a speech in Ireland accusing the Department of Transportation of a
year-long cover-up in "hiding" an important satellite-security study.
The study, finally made public at a meeting of aviation experts in Salt
Lake City--held the day before the World Trade Center and Pentagon
attacks--focused on the vulnerability of the GPS system, which the FAA
wants to rely on exclusively for future airline navigation. Doing so
would allow it to close down roughly 3,000 ground-based navigation
facilities and save up to $200 million a year. But critics, including
the DOT research center that conducted the study, say the satellite
signals are vulnerable to "jamming." Several years ago a Russian firm,
AviaConversia, offered a $45,000 device, not much bigger than a pack of
cigarettes, that could disrupt satellite signals over a 150-mile radius.
Bond says a simpler one can be constructed with $500 worth of Radio
Shack parts. "If you had an airplane that only used GPS," he says, "and
the weather was crappy, you could jam the signal, and the plane would
crash if it couldn't find a runway."

The damage could affect more than just airline traffic. GPS
vulnerability also exists in systems--cell phones, bank transfers,
electrical power grids, the Internet--that rely on its high-accuracy
timing capability. Many of these nets have back-up clocks, but most of
those don't work beyond 48 hours. "A terrorist could collapse the
telecommunications nets," says Bond. "This is an area about which the
industry is completely unaware."

Only three of the FAA's 90 air traffic control centers received a clean
bill of health from the GAO last year, which may account for how a
teenager managed to hack into a computer servicing the Worcester, Mass.
airport in 1997, disabling an ATC tower for six hours. Last month, after
the terrorist hijackings, a GAO official told a Senate committee that
ATC computers remain highly vulnerable. Even more worrisome, Talleur
reveals to FORTUNE, was the 1998 disruption of a joint FAA-NASA test,
involving sensitive satellite navigational data. A hacker based in the
Persian Gulf invaded the system and was discovered doing keyword
searches for "high-performance aircraft that could fly under low
observable conditions." NASA won't comment, but Talleur says the space
agency immediately shut down its database and Internet service at four
facilities. "Unfortunately, we were never able to investigate it fully
because NASA's need to fix and prevent further damage interfered with
our need to intercept more of what the intruders were doing," recalls
Talleur. "The dialogue was pretty heated. It took several days before I
was allowed to track the hacker, which, in cyberspace, is the equivalent
of a lifetime." By then the intruder was gone.

------------------
http://all.net/ 


This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:54 PST