Return-Path: <sentto-279987-1649-998928118-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Mon, 27 Aug 2001 09:04:09 -0700 (PDT) Received: (qmail 17025 invoked by uid 510); 27 Aug 2001 16:02:05 -0000 Received: from n29.groups.yahoo.com (216.115.96.79) by 204.181.12.215 with SMTP; 27 Aug 2001 16:02:05 -0000 X-eGroups-Return: sentto-279987-1649-998928118-fc=all.net@returns.onelist.com Received: from [10.1.4.52] by b05.egroups.com with NNFMP; 27 Aug 2001 16:02:00 -0000 X-Sender: ellisd@cs.ucsb.edu X-Apparently-To: iwar@yahoogroups.com Received: (EGP: mail-7_3_2); 27 Aug 2001 16:01:57 -0000 Received: (qmail 69588 invoked from network); 27 Aug 2001 15:43:01 -0000 Received: from unknown (10.1.10.26) by m8.onelist.org with QMQP; 27 Aug 2001 15:43:01 -0000 Received: from unknown (HELO n26.groups.yahoo.com) (10.1.2.134) by mta1 with SMTP; 27 Aug 2001 15:43:01 -0000 X-eGroups-Return: ellisd@cs.ucsb.edu Received: from [10.1.2.59] by fg.egroups.com with NNFMP; 27 Aug 2001 15:43:01 -0000 To: iwar@yahoogroups.com Message-ID: <9mdpq3+rjc1@eGroups.com> In-Reply-To: <200108271354.GAA04596@big.all.net> User-Agent: eGroups-EW/0.82 X-Mailer: eGroups Message Poster X-Originating-IP: 128.29.4.2 From: ellisd@cs.ucsb.edu Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Mon, 27 Aug 2001 15:42:59 -0000 Reply-To: iwar@yahoogroups.com Subject: [iwar] Re: Why 'conventional' terrorist groups Not utilizing Cyber Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit --- In iwar@y..., Fred Cohen <fc@a...> wrote: I think we have pretty similar views on most of the issues raised. > > I agree that bombs are more effective than web defacements. But I > > don't think they are more effective than more sinister attacks. > > More sinister attacks are far more complex to carry out as the level of > sinister and fear induction increases. Agreed. So an analysis of what makes them more complex is necessary? >This raises the cost, likelihood > of getting caught, and likelihood of failure. All things identified > groups avoid for the most part. Non sequitor. Does an increase in complexity lead to higher costs, an increase in attribution, or likely of failure? I think not for the first two, but I do agree with the last one. Higher costs are likely to be bounded by the amount of human effort required, which is a very low-order function. Attribution is only more likely as the heinousness of the attack grows. The more heinous, the more man power will be thrown at it from the victim to discern who to blame. However, even here, the law of diminishing returns plays a significant role. There is a tight asymptotic upper bound for attribution given conventional methods of traceback. [snip] > > > As for effect... There may be something here. I think they know the > > effect that they want to achieve (fear, anyway possible). As for what > > attacks will bring about that effect is a harder question. Web > > defacements have obviously fallen short of terror. Are there more > > sinister attacks that could have a greater effect, produce more > > terror, than a well-placed bomb? I think so. Are they cheaper or > > easier to execute than placing a bomb? I don't know. But I don't > > think they are an order of magnitude more expensive or harder to > > execute (assuming the proper expertise is in place). Dissensions > > welcome. > > Several to many orders of magnitude more expensive for a strong IW > attack than a pipe bomb. How did either of us come to our conclusion? Are we using Bayesian models to determine the unknown (based on the fact that few offensive instances have occured), an evaluation of how hard it would be for ourselves individually, or some other metric? Maybe we have different notions of a strong, offensive IW attack. I think that there is a lot of low-lying fruit. True, there are some IW attacks that I can think of that have a very high price tag associated with it; but, that is not true for all attacks. Some of the attacks require only domain knowledge, the skills I mentioned earlier, a small lab, and a few months. That can't be several orders of magnitude more expensive than a bomb (then again, my bomb-making skills are a little out-dated [humor for any FBI folks listening--I have never made a bomb]). > > Conclusion: if terrorists want to perform very sinister attacks, they > > need to: > > -understand what effect they want (terror) > > -what large system needs to be broken to achieve that effect > > -somebody who domain knowledge and knows how the system works and how > > to break it > > -somebody who can provide the low-level operations to do that Any other comments? ------------------------ Yahoo! Groups Sponsor ---------------------~--> Secure your servers with 128-bit SSL encryption! Grab your copy of VeriSign's FREE Guide, "Securing Your Web site for Business" and learn all about serious security. Get it Now! http://us.click.yahoo.com/aihfLB/oT7CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:40 PDT