[ISN] Businesses prepare to combat cyberterrorism

From: InfoSec News (isnat_private)
Date: Sun Sep 23 2001 - 23:23:46 PDT

  • Next message: InfoSec News: "[ISN] Telco under cyber attack"

    By KATHERINE PFLEGER, Associated Press 
    WASHINGTON (September 21, 2001 3:25 p.m. EDT) - Some fear last week's
    attacks could prompt cyberterrorists to try to disrupt the computer
    world, a move that could further damage already wounded businesses.
    "I don't think it's out of the realm of possibilities that
    cyberterrorism could be used as one ingredient of a larger plan or
    perhaps another mechanism to create disturbance," said Bob Cohen,
    senior vice president of the Information Technology Association of
    America, a trade group.
    In the past, cyberterrorists have shown a propensity to strike during
    international conflicts. Most have been minor invasions that are more
    annoying than disruptive, such as defacing Web sites or "denial of
    service" attacks that slow down or halt computer systems by flooding
    them with information.
    But there is a potential for a more skilled cyberterrorist to disrupt
    systems for hospitals, power grids, banks and other key institutions.
    "If we saw a truly comprehensive and destructive attack on a critical
    infrastructure - where it was well-planned, well-targeted - it could
    clearly have a destructive impact," said Michael Vatis, director of
    the Institute for Security Technology Studies at Dartmouth College.
    Lawrence Gershwin, the CIA's top adviser on science and technology
    issues, told Congress in June that traditional terrorists are less
    likely to pursue computer attacks. But that could change, he said.
    "Bombs still work better than bytes," he told the Joint Economic
    Committee. "But we anticipate more substantial cyber threats are
    possible in the future as a more technically competent generation
    enters the ranks."
    The FBI's National Infrastructure Protection Center is on the lookout
    for cyberterrorists and last week issued a warning about "patriot
    hackers" - people trying to target those thought responsible for the
    terrorist attacks.
    NIPC also is investigating the "Nimda" worm, a viruslike program that
    spreads rapidly and has been infecting computers running Microsoft's
    Windows operating system. Attorney General John Ashcroft has said
    there is no evidence linking the worm to the terrorist attacks.
    Consultants like John Pescatore, research director for Internet
    security at Gartner Inc., have been advising clients on how to handle
    cyberterrorism threats, which he expects will occur if the U.S.
    military begins assaults on terrorist camps in Afghanistan and
    "It's the low-hanging fruit," Pescatore said. And "companies haven't
    made much progress against denial of service attacks."
    He and other experts are advising companies to take steps now to avoid
    problems later. Among them: make sure they have the most recent
    antivirus software, install security programs that include firewalls
    and encryption and increase user awareness.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Mon Sep 24 2001 - 01:53:56 PDT