Return-Path: <sentto-279987-1896-1000501126-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Fri, 14 Sep 2001 14:01:09 -0700 (PDT) Received: (qmail 7684 invoked by uid 510); 14 Sep 2001 20:59:07 -0000 Received: from n21.groups.yahoo.com (216.115.96.71) by 204.181.12.215 with SMTP; 14 Sep 2001 20:59:07 -0000 X-eGroups-Return: sentto-279987-1896-1000501126-fc=all.net@returns.onelist.com Received: from [10.1.4.55] by ci.egroups.com with NNFMP; 14 Sep 2001 20:58:46 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_3_2_2); 14 Sep 2001 20:58:46 -0000 Received: (qmail 8281 invoked from network); 14 Sep 2001 19:14:10 -0000 Received: from unknown (10.1.10.26) by l9.egroups.com with QMQP; 14 Sep 2001 19:14:10 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta1 with SMTP; 14 Sep 2001 19:14:10 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id MAA28192 for iwar@onelist.com; Fri, 14 Sep 2001 12:14:09 -0700 Message-Id: <200109141914.MAA28192@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Fri, 14 Sep 2001 12:14:09 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] Experts: Cyber violence expected following Tuesday's attacks Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Experts: Cyber violence expected following Tuesday's attacks By Gwen Ackerman JERUSALEM (September 14) - In the aftermath of the terrorist attack on the World Trade Center and the Pentagon, US authorities are concentrating on locating the survivors, caring for the injured, determining the identity of the perpetrators and debating how to respond. But what should not be overlooked, terrorist experts say, is the potential for a cyber conflict launched by those seeking to avenge the death of countrymen that could spiral out of control, in much the same way that the Palestinian intifada spawned a spate of Mideast cyber violence. Ben Venzke, CEO of Tempest Publishing and its intelligence group IntelCenter that specializes in terrorism, national security issues and cyber threats, notes that the first stage of such a conflict has already been launched. Venzke says that shortly after the Tuesday attacks, US supporters began posting messages on Internet bulletin boards calling for attacks and posting target intelligence pinpointing Arab networks and Muslim extremist sites. That kind of the activity is the precursor of additional stages of cyber conflict which moves from the bulletin boards to discussion boards and chat rooms, then on to purpose-built lists and on-line communities. From there the move is a short one to intelligence collection and targeting, then public and private attacks, notes Venzke, who authored a detailed report on the Israel-Palestinian cyber conflict. "Never before have nations had to deal with patriotic populations that have the ability to launch potentially damaging strikes against another country on their own initiative," he noted in an e-mail. "In the past, the fact that not everyone had an ICBM sitting in their living room or a B-2 bomber parked in their driveway prevented individual citizens from launching their own attacks. These same barriers don't exist in the cyber realm." Drawing on lessons learned from the Israeli-Palestinian conflict, Venzke defines two classes of targets: * Targets of opportunity that can include anything from non-profit organizations and mom-and-pop shops to multinational corporations and government agencies. * High-profile targets attacked because of the attackers' perception of what they represent or the services they provide to another organization. At the height of the Mideast cyber conflict last fall, files on the Knesset were erased or lifted, the Foreign Ministry site was toppled off the Web, and the IDF had to move its site to an international server to fend off attacks. Most assaults were defined as being a nuisance, such as defacements or denial of service campaigns that flooded a site with traffic, forcing it to close down for a time but doing no permanent damage. But Venzke warns that many of those public attacks covered up the activities of a skilled cracker working behind the scenes to gain root access to targeted systems. "We are going to see more of this type of cyber-based protest/action/conflict in the future when tensions in the physical realm rise," he said, calling for all-around vigilance. Venzke is not alone in predicting a move from physical to cyber violence. The Giga Information Group, in response to a client inquiry, released yesterday a set of guidelines instructing organizations how to protect themselves from potential terrorist activity on the Internet. Noting that only a few months ago rising tension between the US and China set off an unsanctioned hacking war, Giga predicted that "there will undoubtedly be a cyber component to [Tuesday's] events in some form or another." "Just because attention is diverted to the physical world, it does not mean that the cyber world is sleeping," Giga said. "There may very well be cyber attacks under way, or planned for the near future, as a result of today's events." To defend against such assaults, Giga recommended, in consultation with the FBI, that organizations "lock down the Internet" by turning off all unnecessary Internet services, updating intrusion detection signatures and virus signatures and by installing any patches to known security glitches. In Israel, government Internet experts said that if the cyber violence spilled over into the region, they would be ready. Ori Noy, director of the Information and Internet Division at the Foreign Ministry, said that since the attacks on Israeli government sites almost a year ago, many steps had been taken to insure the country's cyber borders. In fact, denial of service and hacker attacks on the Foreign Ministry site have become a daily affair, they just differ in intensity, said Noy. "We have received no special warning and taken no special steps at the moment, but we are always being attacked and always ready," he said. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Secure all your Web servers now: Get your FREE Guide and learn to: DEPLOY THE LATEST ENCRYPTION, DELIVER TRANSPARENT PROTECTION, and More! http://us.click.yahoo.com/k0k.gC/nT7CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:43 PDT