RE: [ISN] Cyber terrorism is 'fantasy'

From: InfoSec News (isnat_private)
Date: Sun Dec 02 2001 - 23:55:05 PST

  • Next message: InfoSec News: "[ISN] Cybersecurity chief says he doesn't want to change crypto rules -- yet"

    Forwarded from: Rob Rosenberger <junkmailat_private>
    Let's take a statistic of roughly 200 hard disk reformats per month
    per air force base for numerous arbitrary reasons.  The colonel wants
    a new OS, or the secretary can't get her machine to act right, or the
    captain deleted CMD.EXE because he didn't need a program that just
    displays a copyright notice, or the airman gets a hand-me-down
    upgrade, or a contractor takes over a cubicle.  "Thanks, sarge.  What
    happened to all the data?"  It's gone; I blew it away.  "Ouch.  Oh
    well.  Thank goodness we haven't moved to the paperless office."
    Let's take another statistic of 100 air force bases worldwide, times
    12 months...  We can speculate our mighty zoomie electron defenders
    reformat roughly a quarter-million hard disks each year.  And that's
    just USAF.  Add the Army and the Navy and various purple-suit
    agencies: I suggest multiplying this number by three.  We can
    speculate DoD reformats roughly a million hard disks each year.
    A million per year, and I didn't even talk about all the hard disks
    reformatted each year by the civilian government.  Reformatted each
    year by the Fortune 1000.  Reformatted each year by countless small
    businesses. Reformatted each year by countless individuals.
    Okay, now let's insert the word "virus" in this argument.  Let's
    suppose a virus comes along and wipes out a million hard disks in two
    days.  "What happened to all the data?"  It's gone; the virus blew it
    Go on: predict the mayhem.  How many quintillions of $$$ will we lose?
    -----Original Message-----
    From: owner-isnat_private [mailto:owner-isnat_private]On Behalf
    Of InfoSec News
    Sent: Friday, 30 November 2001 5:28 AM
    To: isnat_private
    Subject: Re: [ISN] Cyber terrorism is 'fantasy'
    Forwarded from: Gary Warner <garat_private>
    The thing about viruses, is that so far we have not encountered a
    talented rapid-spread-virus author who wished to "destroy the world".
    I mean, Code Red was not nice, and Nimda was not nice, but imagine how
    much less nice they would have been if they launched their attack, and
    then formatted your C:\ drive!  Could they have done that?
    Certainly!  Why did they not do that?  Because their purpose was not
    to "destroy the world".  How many "end-users" in your own
    organizations have triggered one of the recent mail-all-my-contacts
    type Outlook viruses?  How many would be up the Proverbial Creek sans
    Paddle if the virus had decided to delete their "My Documents"
    directory?  or all their directories?  or look for all mapped network
    drives and delete all files?
    The fact that this has not happened is one of the greatest blessings
    we have received, and yet, it has also lulled us into a false sense of
    security.  Upper Management reads about the Love Bug virus, looks
    around, and notices the world has not ended.  They then conclude that
    the world will not end in the future.  Code Red?  No problem.  Our
    servers survived.  Good, we don't have to worry about tightening our
    security I guess.
    My greatest fear is that someone with malicious intent *IS* behind
    these viruses, and that they have thus far been demonstrating their
    ability to create a high spread virus to prove their skills to someone
    who may wish to pay them to "destroy the world".  What I was thinking
    when I watched the Code Red spread was "what a great way to make a
    list of drones/zombies!"  Launch my attack, and then start monitoring
    on a Class B network for boxes that begin attacking me back.  Sense I
    know the method I used to spread my virus, I now have a list of boxes
    that can be instantly "owned" with a far more devastating payroll any
    time in the near future. How many machines was that?  200,000?
    300,000? 500,000?  What company, domain, or network could you NOT DOS
    with 100,000 zombies in your control?
    I know, I know, I am painting dark fantasies.  But I consider the line
    in my job description that says "and other responsibilities determined
    to benefit the corporation" to mean "assume a position of total
    paranoia and prepare us for the worst".
    Just my 2 cents worth,
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Mon Dec 03 2001 - 01:41:02 PST