[iwar] [fc:Fanatics.with.Laptops:.The.Coming.Cyber.War]

From: Fred Cohen (fc@all.net)
Date: 2002-05-17 06:13:50


Return-Path: <sentto-279987-4675-1021641146-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Fri, 17 May 2002 06:23:08 -0700 (PDT)
Received: (qmail 22940 invoked by uid 510); 17 May 2002 13:20:26 -0000
Received: from n28.grp.scd.yahoo.com (66.218.66.84) by all.net with SMTP; 17 May 2002 13:20:26 -0000
X-eGroups-Return: sentto-279987-4675-1021641146-fc=all.net@returns.groups.yahoo.com
Received: from [66.218.67.192] by n28.grp.scd.yahoo.com with NNFMP; 17 May 2002 13:12:26 -0000
X-Sender: fc@red.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-8_0_3_2); 17 May 2002 13:12:26 -0000
Received: (qmail 41310 invoked from network); 17 May 2002 13:12:25 -0000
Received: from unknown (66.218.66.218) by m10.grp.scd.yahoo.com with QMQP; 17 May 2002 13:12:25 -0000
Received: from unknown (HELO red.all.net) (12.232.72.152) by mta3.grp.scd.yahoo.com with SMTP; 17 May 2002 13:12:25 -0000
Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g4HDDoc23587 for iwar@onelist.com; Fri, 17 May 2002 06:13:50 -0700
Message-Id: <200205171313.g4HDDoc23587@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL3]
From: Fred Cohen <fc@all.net>
X-Yahoo-Profile: fcallnet
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Fri, 17 May 2002 06:13:50 -0700 (PDT)
Subject: [iwar] [fc:Fanatics.with.Laptops:.The.Coming.Cyber.War]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Fanatics with Laptops: The Coming Cyber War

Tim McDonald, www.NewsFactor.com, 5/25/02
<a href="http://story.news.yahoo.com/news?tmpl=story&cid=75&ncid=738&e=8&u=/nf/20020516/tc_nf/17784">http://story.news.yahoo.com/news?tmpl=story&cid=75&ncid=738&e=8&u=/nf/20020516/tc_nf/17784>

The blossoming of the Internet and its universal adoption have
reinforced a trend toward interdependence of the world's political,
economic and social systems.


* U.S.: Cyber Strike Could Earn Military Response  * Cyber Security Key
to New U.S Initiative  * Both Sides Using Internet in Terrorism War

That increasing interdependence, however, becomes frightening when one
considers that a next-generation cyber terrorist will likely not
represent an aggressive world power.

In terms of present-day vulnerability, such a terrorist could simply be
a lone fanatic wielding a laptop. And the damage could be staggering.

'Asymmetric Warfare'

A study by the Rand Corporation in the mid-1990s found that it would be
absurdly inexpensive to embark upon a cyber war.

The military call it "asymmetric warfare," which means that the
disadvantaged side must use unconventional weapons against the wealthier
side if it is to have any chance of winning.

Any country that can scrape together the price of a computer manual and
that has a basic understanding of information systems infrastructure can
train and motivate a misguided "patriot."

Anonymous Warfare

Due to recent advances in "attack technology," cyber warfare can be
waged remotely and anonymously. This approach would make it much harder
to find an attacker than it is, for example, to root out Al Qaeda forces
along the border of Pakistan and Afghanistan (news - web sites).

"Because of the advances in attack technology, a single attacker can
relatively easily employ a large number of distributed systems to launch
devastating attacks against a single victim," according to a report by
the Computer Emergency Response Team (CERT), a major center for Internet
security at Carnegie Mellon University.

"As the automation of deployment and the sophistication of attack tool
management both increase, the asymmetric nature of the threat will
continue to grow," the report said.

New Tactics: Poison and Hijacking

CERT pointed out that the number of newly discovered flaws and
vulnerabilities in computer software and Internet infrastructure more
than doubles each year.

Attackers are finding more ways to bypass firewalls and other security
roadblocks. Some of the newer -- and nastier -- tactics involve attacks
on the Internet domain name system (DNS), including cache poisoning and
domain hijacking.

Hackers are increasingly able to disguise the nature of attacks with
anti-forensic tools and "polymorphic" attack tools that evolve rapidly,
even while they are in the act of attacking.

"In the last six months, I would say that we've seen their firepower
increase -- we've seen them knock whole ISPs off the Net," SANS
Institute director Stephen Northcutt told NewsFactor.

"It's pretty hard to know what they're doing at the nation-state level,
but I'd say there's very little doubt they have the same capability,"
Northcutt said.

Continuing Consequences

Businesses, especially large corporations, are becoming targets with
increasing frequency. In the right hands, cyber attacks could wreak
untold damage.

According to a CERT report, "[Such attacks] would likely cross
boundaries between government and private sectors and, if sophisticated
and coordinated, would have both immediate impact and delayed
consequences.

"Ultimately, an unrestricted cyber attack would likely result in
significant loss of life as well as economic and social degradation,"
the report added.

War Could Spill Over

As the Arab-Israeli conflict continues to escalate, the odds of a
full-scale cyber war grow. The first Arab-Israeli cyber war erupted in
2000, when Israeli hackers attacked the site of a Hezbollah group in
London. Arabs retaliated by attacking the main Israeli government site
and the Israeli Foreign Ministry's site.

Israel, like the United States, is a prime target. The tiny country has
roughly 1.1 million Internet connections -- more than the number of
connections in all 22 Arab countries combined -- and its economy is
increasingly Internet-dependent.

Arab terrorists also have made it clear that they are aware of which
U.S. corporations do business with Israel. One such company, Lucent
(news - web sites) Technologies (NYSE: LU - news), found itself under
attack in the last Israeli-Arab cyber skirmish.

U.S. Defenses Improving

How prepared is the United States? Not very, according to analysts.
There has been some improvement, such as the Clinton Administration's
10-step National Plan for Critical Infrastructure, drafted in 1999.

Only in the past year has action been taken, however, by opening serious
discussions about creating separate networks for critical federal
agencies; granting computer security scholarships in return for national
service; and increasing the budget for computer security.

Using students from U.S. military academies as attackers, the Department
of Defense (news - web sites) has been running cyber security exercises
against the National Security Agency, the U.S. Air Force's 92nd
Information Warfare Aggressor Squadron, and the Army's Land Information
Warfare Activity.

What they have learned is that the "install-and-patch" system does not
work, especially against a concentrated attack. Operating systems, they
have concluded, need to be designed more securely from the outset.

Special Response Teams

Federal agencies have been required for two years to report hacking
incidents or cyber attacks to the General Services Administration's
(GSA) FedCIRC.

The GSA, for its part, has been pushing for government agencies to set
up special response teams so that incidents can be reported quickly and
completely, allowing for detection of trends and establishment of
effective counterstrategies.

NASA (news - web sites) set up such teams in 1993, while the Federal
Aviation Administration (news - web sites) established a team in March,
and the Veterans Affairs agency has taken steps to follow suit.

"September 11th raised awareness," said Sallie McDonald, assistant
commissioner for the Office of Information Assurance and Critical
Infrastructure Protection.

"When agencies started dusting off their disaster recovery plans, they
realized they need to have cyber-disaster recovery plans, too," she
said.

As events in Israel recently have shown, one person with a bomb strapped
to his or her body can take a large economic toll, at an incalculable
human cost.

An equally fanatical individual, with a little more knowledge and a much
lighter load, can, if we do not defend against it, use a laptop to do
unimaginable damage at no personal cost whatsoever.

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Take the Yahoo! Groups survey for a chance to win $1,000.
Your opinion is very important to us!
http://us.click.yahoo.com/NOFBfD/uAJEAA/Ey.GAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2003-08-24 02:46:32 PDT