[ISN] Low-Tech Humans Subvert High-Tech Information Assurance

From: InfoSec News (isnat_private)
Date: Mon Jan 21 2002 - 00:34:30 PST

Next message: InfoSec News: "RE: [ISN] Italian Police Nab Hacker Group"

Previous message: InfoSec News: "Re: [ISN] Italian Police Nab Hacker Group"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded from: kelley <kwalker2at_private>

http://www.us.net/signal/CurrentIssue/Jan02/low-jan.html

Low-Tech Humans Subvert High-Tech Information Assurance
By Col. Alan D. Campen, USAF (Ret.)
SIGNAL Magazine 2002

TEXT BLURB

The tragic events of September 11 provide ghastly substance to the 
metaphor of asymmetric warfare. And, they add credence to prescient 
but nebulous warnings of threats to homeland security and concomitant 
vulnerabilities of critical infrastructures. 

While public switched networks (PSNs), cellular telephones, wireless 
networks and the Internet--the backbone and heart of the U.S. 
information infrastructure--were not prime targets, the cascading 
consequence of collateral damage to information systems was laid bare. 
The information infrastructure was found wanting in support to 
intelligence collection, law enforcement, disaster mitigation and 
recovery efforts. 

A shortfall in network capacity, single-node sensitivity and the lack 
of interoperability among police, fire and first responder networks 
exposed gaps in the road to information assurance that cannot be 
filled solely with new technology, firewalls, anti-virus patches or 
cryptography.

A once indifferent but now belatedly aroused public clamors for 
government action, so money will be provided--perhaps thoughtlessly. 
The Information Technology Association of America proposes spending 
$10 billion for information technology (IT) security, and Senator 
Joseph Lieberman (D-CT) proposes a $1 billion IT fund to jump-start 
some of the more pressing security requirements in government and the 
private sector. But these resources may be wasted in fruitless quest 
of a technical silver bullet if we overlook problems created by humans 
who misuse available technology.

The United States has yet to conduct a comprehensive national threat 
assessment of its information systems. Nevertheless, the ability to 
transact business, operate government and respond to physical, 
chemical, biological or nuclear attacks will be constrained by the 
capacity, accessibility, reliability and security of the information 
infrastructure. 

[...]



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
of the mail.

Next message: InfoSec News: "RE: [ISN] Italian Police Nab Hacker Group"
Previous message: InfoSec News: "Re: [ISN] Italian Police Nab Hacker Group"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jan 21 2002 - 03:47:31 PST