[iwar] [fc:Russia's.cybercrime.squad.fears.the.next.al-Qaeda.attack.may.be.on.crucial.computer.networks]

From: Fred Cohen (fc@all.net)
Date: 2002-06-10 19:22:33



Cracks in the System

Russia's cybercrime squad fears the next al-Qaeda attack may be on crucial computer networks 
BY PAUL QUINN-JUDGE, Time (Europe), 6/17/02
http://www.time.com/time/europe/magazine/article/0,13005,901020617-260664,00.html

Three flights up a scruffy building in central Moscow, a small paper
sign pasted on the wall directs visitors to Directorate R of the Moscow
police. R stands for nothing: it was just the next code letter available
in 1986 when the police decided to set up their own
communications-security branch. These days the Directorate's
bread-and-butter work is computer and mobile-phone fraud. But their
biggest nightmare - and that of their counterparts in Western Europe and
the U.S. - is digital attack. "This, unfortunately, is the future face
of terrorism," says Dmitri Chepchugov, head of Directorate R.

So far, politically motivated computer attacks have been irritations or
embarrassments rather than full-blown catastrophes. Chinese hackers
attacked some 1,200 sites, including the White House, the Department of
Energy and the Air Force, defacing some sites and putting others
temporarily out of service, during a standoff with Washington over a spy
plane last year. Russians and Eastern Europeans did the same during
the war in Kosovo, and Pakistani and Indian hackers are doing it right
now. Over a period of several years, U.S. investigators believe hackers
- probably from Russia - tunneled into Department of Defense sites and
illegally downloaded large quantities of technical defense research,
all unclassified, according to the Pentagon. The leap from this kind of
sporadic hacking to virtual terrorism is only a matter of time,
specialists believe. "After every terrorist attack, security is
tightened up and improved," Chepchugov remarks. "But these days you
don't need to get a truck bomb into, say, a chemical plant or crash a
plane into it. All you need is a group of hackers who get into the
computerized control system, knock it out, and trigger a disaster."

Michael Vatis - a former head of the FBI's National Infrastructure
Protection Center, the lead U.S. federal agency for computer crime,
cyberterrorism and cyberespionage - agrees. "We have seen a clear
decision by terrorist groups like al-Qaeda to focus on critical
infrastructures, financial networks and power grids," says Vatis, now
director of the Institute for Security Technology Studies at Dartmouth
College. "And they have developed expertise with computer systems for
secure communications and planning attacks. The next step is to put the
two together."

The likely targets would be a country's power or water supply, gas and
oil production or storage facilities, telecommunications or banking
networks and transport or emergency services. Attackers could try to
disrupt these systems during a conventional assault or, even worse,
attempt to trigger a disaster by destroying them outright. Most
government and many commercial organizations insulate the sensitive
parts of their computer systems from the Internet. But it is harder to
protect computerized systems from an inside job. This is what happened a
little over two years ago in Russia, in an incident that briefly
surfaced in the press and was quickly hushed up. In early 2000,
officials say, a disgruntled employee of Gazprom, the oil and natural
gas monopoly, helped a group of hackers seize for several hours the
corporation's computer systems - including those regulating gas flow
through the firm's pipelines. Gazprom subsequently denied press reports
of the break-in. And, officials add, the politically powerful
corporation was furious when the information was made public. "Heads
rolled in the Interior Ministry after the newspaper report came out,"
says another senior official. But, this person adds, "We were very close
to a major natural disaster."

Chepchugov says there are some indications that at least one radical
fundamentalist is showing interest in computers. The imam of Finsbury
Park mosque in north London, Abu Hamza al-Masri (also known as Mustafa
Kemal) "has gathered around himself a group of computer specialists,"
Chepchugov says. "This is indirect proof that Muslim extremists
understand the potential of computer-based terrorism." Meanwhile,
another Russian specialist in computer crime remarks, "I think our
American friends are very interested in the Pakistan Hackerz Club [a
pro-Pakistan hacker group]," which they apparently suspect of having
contacts with radical groups. Al-Qaeda works like any other criminal
group in the world of computers, says Anatoly Platonov of the Interior
Ministry's Directorate K, which also deals with cybercrime. "They have
the money and are looking for the brains." Sooner or later, specialists
believe, they will find them.


------------------
http://all.net/ 

This archive was generated by hypermail 2.1.2 : 2003-08-24 02:46:32 PDT