Forwarded From: Aleph One <aleph1at_private> http://www.wired.com/news/news/technology/story/12915.html US' 'Soft, Digital Underbelly' Reuters 1:10pm 11.Jun.98.PDT WASHINGTON -- The head of a new US cyber law-enforcement agency says a half dozen substantial attacks have been launched against government computer systems since February. "A good percentage of the incidents we see ... involve [the Department of Defense], because DOD is such a prime target for even individual hackers who want to test their skills," said Michael Vatis, the chief of the National Infrastructure Protection Center of the FBI. "They see the Department of Defense as the big banana, the final exam, the ultimate challenge to test their skills." Vatis testified Wednesday before the Senate Judiciary Subcommittee on Technology, Terrorism, and Government Information, which met to hear from administration officials about the latest steps to counter attacks on critical US computer infrastructure. Vatis refused to elaborate on the attacks, saying pending investigations prevented him from doing so. But Vatis did respond to lawmakers when asked how many attacks he had witnessed since February -- when his agency was created -- were considered "substantial" and separate from routine hacks. "I would say somewhere in the vicinity of a half dozen of what I would consider substantial," he said. "Ones that we are still investigating to determine in fact whether they are significant or whether they're really part of the noise that exists almost everyday." Those attacks would include breaches by the Isreali teenage cracker known as Analyzer, who in February claimed to have gained high-level access to as many as 400 unclassified government and military computer systems, and an attack on other federal networks believed to have been carried out by two teenagers whom Analyzer claimed to have tutored. Senators were also briefed on last year's Department of Defense exercise, which exposed US vulnerabilities to cyber attack. The National Infrastructure Protection Center was formed to root out and investigate unlawful acts involving intrusions and other threats against vital infrastructures. Arizona Republican Senator Jon Kyl, the subcommittee chairman, said the US should gird for a cyber attack against military computers with the same urgency as the military prepared for more traditional physical attacks. "Today, because of the networked nature of our critical infrastructures, our enemies needn't risk attacking our strong military if they can much more easily attack our soft, digital underbelly," Kyl said. Last month, President Clinton signed two directives designed to strengthen defenses against terrorism and other unconventional threats. At the same time, working groups comprised of experts from the public and private sectors were formed to produce a coordinated strategy. Administration studies showed that an attack by a foreign government, or by domestic or foreign terrorists, could not only harm military operations but disrupt banking and finance, cause power outages, interrupt transportation nodes, and crash entire communications networks. Vatis said some of the immediate concerns include determining a budget, creating an attack detection and warning system, determining legal authority and legislative requirements, and devising a cohesive intelligence collection process. In late February, the Pentagon and FBI investigated a series of successful efforts by crackers to obtain information from military computers. The break-ins came at the same time US forces were being marshaled for a possible attack on Iraq. -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:55:49 PDT