[Moderator: One more piece on this.] Forwarded From: Kiera Wooley <kieraat_private> NEW YORK (CNNfn) - Seven hackers from Boston shook up a Senate committee hearing Tuesday by boasting that computer security is so lax, they could take down the entire Internet in half an hour. And the General Accounting Office chimed in with a pair of reports on the woeful state of computer security at the Federal Aviation Administration and the State Department. The Senate Governmental Affairs Committee was looking into the safety of the nation's public and private computer networks. And what it found wasn't pretty. "At risk are systems that control power distribution and utilities, phones, air traffic, stock exchanges, the Federal Reserve, and taxpayers' credit and medical records," said committee chairman Fred Thompson (R-Tennessee). "Unfortunately, government agencies are ill-prepared to address the situation," he added. One GAO report, called "Weak Computer Security Practices Jeopardize Flight Safety," said the FAA was "ineffective" in all critical areas of its computer security review. The GAO said FAA's failure to protect the nation's air traffic control systems, "could cause nationwide disruption of air traffic or even loss of life due to collisions." The State Department got slightly better marks. But when GAO investigators tried to hack the State Department's unclassified computer network, they were able to "view international financial data, travel arrangements, detailed network diagrams, a listing of valid users on local area networks, e-mail, and performance appraisals, among other sensitive data." They also able to download, delete and modify data, which might allow "dangerous individuals to enter the United States." The main attraction at the hearings was the testimony from seven computer experts who are part of an elite group of hackers called Lopht Heavy Industries. The hackers, who identified themselves only by their screen names, laid out a doomsday scenario, talking about everything from complete disruption of electrical power to transferring Federal Reserve funds. But Ira Winkler, president of Information Security Advisers, a computer security consultancy, cautioned, "These are not your average hackers. They're highly skilled people who try to find holes in commercial software." "They're the ones finding the latest hack for the Web, instead of finding the latest hack on the Web," Winkler said. "There's a big difference." Although the session was heavy on possible dangers, it was light on solutions. Sen. Thompson noted, "We, as a nation, cannot wait for the Pearl Harbor of the information age. We must increase our vigilance to tackle this problem before we are hit with a surprise attack." -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:54:03 PDT