[ISN] Terrorism 101 With Eric Shaw

From: InfoSec News (isnat_private)
Date: Tue Apr 09 2002 - 00:51:33 PDT

  • Next message: InfoSec News: "[ISN] Cybercrime Conference Announcement (Chicago)"

    http://www.computerworld.com/cwi/story/0,1199,NAV47_STO69867,00.html
    
    By DAN VERTON 
    April 08, 2002
    
    Eric Shaw, a former CIA profiler and clinical psychologist who now
    consults for Stroz & Associates LLC, a cybersecurity firm in New York,
    takes Computerworld's Dan Verton inside the minds of terrorists.
    
    There's been a lot of speculation, even before Sept. 11, about the
    nation's vulnerability to an "electronic Pearl Harbor," or
    cyberterrorist attacks. But there has been little evidence that
    terrorists value cyberattacks. What has changed since Sept. 11?
    
    Shaw: There's still little evidence that traditional terrorist groups
    place a high priority on cyberattacks vs. using information technology
    for communication, command and control, and propaganda. Guns, bombs
    and vehicles [such as] trucks, planes and boats for delivery appear to
    be quite adequate for their needs, as the Sept. 11 attacks showed.
    
    I am worried that a new operational standard has been set up for
    imitation. I think we are going to see more attacks on relatively
    unprotected civilian sites and on individuals. The same trend may
    occur in this country as terrorists turn away from heavily fortified
    government facilities to less protected corporate sites.
    
    
    Are there any exceptions to the lack of terrorist interest in
    cyberattacks?
    
    Shaw: Yes. First, there are several types of nontraditional,
    politically motivated groups that cannot at present be considered
    terrorists that have utilized low-level cyberassaults, especially
    denial-of-service attacks. These groups often are referred to as
    members of antiglobalization, hacker, anarchist and other coalitions,
    often associated with our political left. They have actively organized
    and recruited individuals and groups for cyberattacks against their
    identified adversaries.
    
    Second, I am concerned about online or face-to-face recruitment of
    disgruntled IT specialists. For example, there were rumors earlier
    this year that an al-Qaeda affiliate had placed moles into Microsoft
    who had introduced Trojans into Windows XP. Though denied by the
    company, think of the potential impact.
    
    The IT field is one of the most international and ethnically diverse
    in this country, and its members . . . may represent a very attractive
    recruitment pool for terrorist organizations.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Apr 09 2002 - 03:32:17 PDT