Forwarded from: Bob <firstname.lastname@example.org> http://www.newsfactor.com/perl/story/17784.html Fanatics with Laptops: The Coming Cyber War By Tim McDonald NewsFactor Network May 16, 2002 The blossoming of the Internet and its universal adoption have reinforced a trend toward interdependence of the world's political, economic and social systems. That increasing interdependence, however, becomes frightening when one considers that a next-generation cyber terrorist will likely not represent an aggressive world power. In terms of present-day vulnerability, such a terrorist could simply be a lone fanatic wielding a laptop. And the damage could be staggering. 'Asymmetric Warfare' A study by the Rand Corporation in the mid-1990s found that it would be absurdly inexpensive to embark upon a cyber war. The military call it "asymmetric warfare," which means that the disadvantaged side must use unconventional weapons against the wealthier side if it is to have any chance of winning. Any country that can scrape together the price of a computer manual and that has a basic understanding of information systems infrastructure can train and motivate a misguided "patriot." Anonymous Warfare Due to recent advances in "attack technology," cyber warfare can be waged remotely and anonymously. This approach would make it much harder to find an attacker than it is, for example, to root out Al Qaeda forces along the border of Pakistan and Afghanistan. "Because of the advances in attack technology, a single attacker can relatively easily employ a large number of distributed systems to launch devastating attacks against a single victim," according to a report by the Computer Emergency Response Team (CERT), a major center for Internet security at Carnegie Mellon University. "As the automation of deployment and the sophistication of attack tool management both increase, the asymmetric nature of the threat will continue to grow," the report said. New Tactics: Poison and Hijacking CERT pointed out that the number of newly discovered flaws and vulnerabilities in computer software and Internet infrastructure more than doubles each year. Attackers are finding more ways to bypass firewalls and other security roadblocks. Some of the newer -- and nastier -- tactics involve attacks on the Internet domain name system (DNS), including cache poisoning and domain hijacking. Hackers are increasingly able to disguise the nature of attacks with anti-forensic tools and "polymorphic" attack tools that evolve rapidly, even while they are in the act of attacking. "In the last six months, I would say that we've seen their firepower increase -- we've seen them knock whole ISPs off the Net," SANS Institute director Stephen Northcutt told NewsFactor. "It's pretty hard to know what they're doing at the nation-state level, but I'd say there's very little doubt they have the same capability," Northcutt said. Continuing Consequences Businesses, especially large corporations, are becoming targets with increasing frequency. In the right hands, cyber attacks could wreak untold damage. According to a CERT report, "[Such attacks] would likely cross boundaries between government and private sectors and, if sophisticated and coordinated, would have both immediate impact and delayed consequences. "Ultimately, an unrestricted cyber attack would likely result in significant loss of life as well as economic and social degradation," the report added. War Could Spill Over As the Arab-Israeli conflict continues to escalate, the odds of a full-scale cyber war grow. The first Arab-Israeli cyber war erupted in 2000, when Israeli hackers attacked the site of a Hezbollah group in London. Arabs retaliated by attacking the main Israeli government site and the Israeli Foreign Ministry's site. Israel, like the United States, is a prime target. The tiny country has roughly 1.1 million Internet connections -- more than the number of connections in all 22 Arab countries combined -- and its economy is increasingly Internet-dependent. Arab terrorists also have made it clear that they are aware of which U.S. corporations do business with Israel. One such company, Lucent Technologies, found itself under attack in the last Israeli-Arab cyber skirmish. U.S. Defenses Improving How prepared is the United States? Not very, according to analysts. There has been some improvement, such as the Clinton Administration's 10-step National Plan for Critical Infrastructure, drafted in 1999. Only in the past year has action been taken, however, by opening serious discussions about creating separate networks for critical federal agencies; granting computer security scholarships in return for national service; and increasing the budget for computer security. Using students from U.S. military academies as attackers, the Department of Defense has been running cyber security exercises against the National Security Agency, the U.S. Air Force's 92nd Information Warfare Aggressor Squadron, and the Army's Land Information Warfare Activity. What they have learned is that the "install-and-patch" system does not work, especially against a concentrated attack. Operating systems, they have concluded, need to be designed more securely from the outset. Special Response Teams Federal agencies have been required for two years to report hacking incidents or cyber attacks to the General Services Administration's (GSA) FedCIRC. The GSA, for its part, has been pushing for government agencies to set up special response teams so that incidents can be reported quickly and completely, allowing for detection of trends and establishment of effective counterstrategies. NASA set up such teams in 1993, while the Federal Aviation Administration established a team in March, and the Veterans Affairs agency has taken steps to follow suit. "September 11th raised awareness," said Sallie McDonald, assistant commissioner for the Office of Information Assurance and Critical Infrastructure Protection. "When agencies started dusting off their disaster recovery plans, they realized they need to have cyber-disaster recovery plans, too," she said. As events in Israel recently have shown, one person with a bomb strapped to his or her body can take a large economic toll, at an incalculable human cost. An equally fanatical individual, with a little more knowledge and a much lighter load, can, if we do not defend against it, use a laptop to do unimaginable damage at no personal cost whatsoever. - ISN is currently hosted by Attrition.org To unsubscribe email email@example.com with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri May 17 2002 - 06:51:51 PDT