Return-Path: <sentto-279987-4134-1009517694-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Thu, 27 Dec 2001 21:36:08 -0800 (PST) Received: (qmail 10284 invoked by uid 510); 28 Dec 2001 05:35:16 -0000 Received: from n20.groups.yahoo.com (216.115.96.70) by all.net with SMTP; 28 Dec 2001 05:35:16 -0000 X-eGroups-Return: sentto-279987-4134-1009517694-fc=all.net@returns.groups.yahoo.com Received: from [216.115.97.188] by n20.groups.yahoo.com with NNFMP; 28 Dec 2001 05:27:40 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_1_3); 28 Dec 2001 05:34:53 -0000 Received: (qmail 69493 invoked from network); 28 Dec 2001 05:34:53 -0000 Received: from unknown (216.115.97.172) by m2.grp.snv.yahoo.com with QMQP; 28 Dec 2001 05:34:53 -0000 Received: from unknown (HELO red.all.net) (12.232.125.69) by mta2.grp.snv.yahoo.com with SMTP; 28 Dec 2001 05:34:53 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id fBS5ZRL03890 for iwar@onelist.com; Thu, 27 Dec 2001 21:35:27 -0800 Message-Id: <200112280535.fBS5ZRL03890@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Thu, 27 Dec 2001 21:35:26 -0800 (PST) Subject: [iwar] [fc:Fears.rise.over.threat.of.hackers] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Fears rise over threat of hackers By Diane Plumberg Clay, The Oklahoman, 12/27/2001 <a href="http://www.newsok.com/cgi-bin/show_article?ID=801840&pic=none&TP=getarticle">http://www.newsok.com/cgi-bin/show_article?ID=801840&pic=none&TP=getarticle> It is June, the children are out of school, and as highways and airports fill with vacationers, rolling power outages hit sections of Los Angeles, Chicago, Washington and New York. An airliner is mysteriously knocked off the flight control system and crashes in Kansas. Parts of the 911 service in Washington, D.C., fail, supervisors at the Defense Department discover that their e-mail and telephone services are disrupted and officers aboard a U.S. Navy cruiser find that their computer systems have been attacked. The incidents seem the makings of a mock terrorism exercise. All these incidents happened in 1997 when 35 hackers hired by the National Security Agency launched simulated attacks on the U.S. electronic infrastructure. According to a published report after the event, the exercise, dubbed "Eligible Receiver," achieved "root level" access in 36 of the U.S. Defense Department's 40,000 networks. The simulated attack also "turned off" sections of the U.S. power grid, "shut down" parts of the 911 network in Washington and other cities and gained access to systems aboard a Navy cruiser at sea. Cyberterrorism experts have been warning since the 1980s about the vulnerability of the United States to such attacks, but they were often dismissed. That changed on Sept. 11. On that day, key professors from universities in Idaho, Indiana, New York, Oklahoma, Florida, Iowa and other states were preparing a plan to defend the nation against such attacks at a meeting in Washington when the hijacked airliners struck the World Trade Center's twin towers in New York. The group was evacuated from the National Security Agency in a Washington suburb and sent back to hotels. The group's meeting the next day at the White House was canceled. Spreading the word Sujeet Shenoi, a computer science professor at the University of Tulsa, was among the group. "It was like 'Independence Day.' ... I couldn't get a flight, so I drove. Because of how I looked, I was afraid to stop. I drove 23 hours straight," said Shenoi, who spent the first 21 years of his life in Bombay, India. He is now a U.S. citizen. Shenoi attended the meeting Sept. 11 along with other professors and representatives of the federal government, including cyberterrorism czar Dick Clarke, to discuss the creation of a national counterterrorism plan that would defend the nation's systems from remote or domestic computer attacks. Since Sept. 11, Clarke has been promoted to special adviser to the president for cyber security through the Office of Homeland Security, created by President Bush in response to the terrorist attacks. Shenoi now speaks to churches, civic groups and most recently the state security task force about what experts believe is coming. "People should be aware of the problem. I would not say being alarmed, but we need to start taking actions. We need to be prepared," Shenoi said. "It was a huge wake-up call." Shenoi said the country's interconnecting telephone systems and computer networks make it easy for terrorists to hack into systems from remote locations via satellite and disrupt operations. He said chemical plant output could be adjusted, aircraft on Federal Aviation Administration radar could be rerouted or cut off from communications and 911 systems could be jammed or shut down completely. A greater danger, he told members of the state's Joint Homeland Security Task Force last week, was an attack on computer networks coupled with a traditional strike. He said terrorists could set off bombs, then scramble communications to delay rescues and send false information on alert systems. He warned the group that cyber attacks are coming. It is just a matter of when. Cyber safety Shenoi asked task force members to consider a screening process for cyberterrorism courses like his at Tulsa University to keep colleges and trade schools from training students in this type of warfare, then having them attack American interests. The process would have to be accomplished without violating students' civil liberties. "It's harder to do in a democracy," he said. When Shenoi finished his computer presentation and the screen was dimmed, one state senator put his head on the table, another sighed deeply and the rest of the room sat silent. Shenoi assured them something could be done, but no effort would make Oklahoma or the nation immune to terrorism. He suggested doing things as simple as placing firewalls in state computer systems to protect them from hackers and viruses, limiting what's available on the Internet and reducing the number of people who have access to computer systems, especially from outside dial-up locations. Shenoi suggested each college or university conduct a risk-management survey of its systems to find potential weaknesses, then look at affordable solutions to protect them. He said the federal government is considering the creation of its own independent network to reduce access from the outside. The new network would remove the operations of agencies such as the Federal Aviation Administration from the Internet to eliminate its dependence on the system and reduce the chances of tampering. He and others also want to make it easier to track and prosecute cyberterrorists across state and international lines. "We've learned many lessons from Sept. 11, but one of the main ones is how so few people can hurt so many. That's what modern attacks will be," he said. "I believe, ultimately, the American people will come up with a solution. It may not be a complete solution, but it will be a ... good one. ... People need to be aware of the dangers and the risk, but you can't live in fear. We have to hope for the best." ------------------------ Yahoo! Groups Sponsor ---------------------~--> Send FREE Holiday eCards from Yahoo! Greetings. http://us.click.yahoo.com/IgTaHA/ZQdDAA/ySSFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 21:00:00 PST