Forwarded from: Darren Reed <darrenrat_private> Forgive me for being insensitive, but will someone please explain what the World Trade Centre disaster has to do with Information Security ? I don't give a rats arse how much money Microsoft has given or how much equipment Cisco has donated. I think I've heard enough about it by now, as has the rest of the world, I imagine. I've observed my minute's silence for those who were unfortunate to be caught up in this madness and heck I was standing on top of #2 just a few weeks ago. Lets move on, eh? A more pertinent angle on this affair is do either the USA or terrorists have any plans to make further moves which involve IT: hacking web sites, launching huge DDoS attacks, HERF guns, attacking phone exchanges,or large Internet telehousing/exchanges, etc. If Bin Laden is a big user of crypto then isn't he just as prone to an IT attack/failure being disruptive as anyone in the USA? Of all of these, the most intesting is HERF. Why? Well, if large commercial site gets hit/targetted (lets say the NYSE) then does that provide the non-government world with the pick to the lock around TEMPEST ? Maybe the terrorist groups will use a nuke just to generate a large EMP and wipe out a city that way. Sure, it may be fiction in some movie or book, but so was flying a large plane into an American state building until last week...(yes, I read "Debt of Honor" some time ago, along with "Executive Orders"). Hitting NYC, or just the down town area with a large EMP would have a much more devastating effect, (if it was able to penetrate some of those old stone bulidings) than killing thousands, on the NYSE, with most of the big computer suppliers now running on lead times of "weeks" to prevent inventory buildup. Maybe those sort of weapons are too hard to build and operate for Bin Laden, maybe he's never heard of them - lets hope he hasn't or it's just too hard for him to make. Anyway, this is more appropriate for a risks forum now than here...but please, no more WTC stuff, eh, unless it has a direct relationship with IT security ? Darren - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Sep 18 2001 - 08:24:31 PDT