[ISN] Fanatics with Laptops: The Coming Cyber War

From: InfoSec News (isnat_private)
Date: Fri May 17 2002 - 02:42:15 PDT

  • Next message: InfoSec News: "[ISN] This hacker's got the gummy touch"

    Forwarded from: Bob <bobat_private>
    
    http://www.newsfactor.com/perl/story/17784.html
    
    Fanatics with Laptops: The Coming Cyber War
    By Tim McDonald
    NewsFactor Network
    May 16, 2002
    
    The blossoming of the Internet and its universal adoption have
    reinforced a trend toward interdependence of the world's political,
    economic and social systems.
    
    That increasing interdependence, however, becomes frightening when one
    considers that a next-generation cyber terrorist will likely not
    represent an aggressive world power.
    
    In terms of present-day vulnerability, such a terrorist could simply
    be a lone fanatic wielding a laptop. And the damage could be
    staggering.
    
    'Asymmetric Warfare'
    
    A study by the Rand Corporation in the mid-1990s found that it would
    be absurdly inexpensive to embark upon a cyber war.
    
    The military call it "asymmetric warfare," which means that the
    disadvantaged side must use unconventional weapons against the
    wealthier side if it is to have any chance of winning.
    
    Any country that can scrape together the price of a computer manual
    and that has a basic understanding of information systems
    infrastructure can train and motivate a misguided "patriot."
    
    Anonymous Warfare
    
    Due to recent advances in "attack technology," cyber warfare can be
    waged remotely and anonymously. This approach would make it much
    harder to find an attacker than it is, for example, to root out Al
    Qaeda forces along the border of Pakistan and Afghanistan.
    
    "Because of the advances in attack technology, a single attacker can
    relatively easily employ a large number of distributed systems to
    launch devastating attacks against a single victim," according to a
    report by the Computer Emergency Response Team (CERT), a major center
    for Internet security at Carnegie Mellon University.
    
    "As the automation of deployment and the sophistication of attack tool
    management both increase, the asymmetric nature of the threat will
    continue to grow," the report said.
    
    New Tactics: Poison and Hijacking
    
    CERT pointed out that the number of newly discovered flaws and
    vulnerabilities in computer software and Internet infrastructure more
    than doubles each year.
    
    Attackers are finding more ways to bypass firewalls and other security
    roadblocks. Some of the newer -- and nastier -- tactics involve
    attacks on the Internet domain name system (DNS), including cache
    poisoning and domain hijacking.
    
    Hackers are increasingly able to disguise the nature of attacks with
    anti-forensic tools and "polymorphic" attack tools that evolve
    rapidly, even while they are in the act of attacking.
    
    "In the last six months, I would say that we've seen their firepower
    increase -- we've seen them knock whole ISPs off the Net," SANS
    Institute director Stephen Northcutt told NewsFactor.
    
    "It's pretty hard to know what they're doing at the nation-state
    level, but I'd say there's very little doubt they have the same
    capability," Northcutt said.
    
    Continuing Consequences
    
    Businesses, especially large corporations, are becoming targets with
    increasing frequency. In the right hands, cyber attacks could wreak
    untold damage.
    
    According to a CERT report, "[Such attacks] would likely cross
    boundaries between government and private sectors and, if
    sophisticated and coordinated, would have both immediate impact and
    delayed consequences.
    
    "Ultimately, an unrestricted cyber attack would likely result in
    significant loss of life as well as economic and social degradation,"
    the report added.
    
    War Could Spill Over
    
    As the Arab-Israeli conflict continues to escalate, the odds of a
    full-scale cyber war grow. The first Arab-Israeli cyber war erupted in
    2000, when Israeli hackers attacked the site of a Hezbollah group in
    London. Arabs retaliated by attacking the main Israeli government site
    and the Israeli Foreign Ministry's site.
    
    Israel, like the United States, is a prime target. The tiny country
    has roughly 1.1 million Internet connections -- more than the number
    of connections in all 22 Arab countries combined -- and its economy is
    increasingly Internet-dependent.
    
    Arab terrorists also have made it clear that they are aware of which
    U.S. corporations do business with Israel. One such company, Lucent
    Technologies, found itself under attack in the last Israeli-Arab cyber
    skirmish.
    
    U.S. Defenses Improving
    
    How prepared is the United States? Not very, according to analysts.
    There has been some improvement, such as the Clinton Administration's
    10-step National Plan for Critical Infrastructure, drafted in 1999.
    
    Only in the past year has action been taken, however, by opening
    serious discussions about creating separate networks for critical
    federal agencies; granting computer security scholarships in return
    for national service; and increasing the budget for computer security.
    
    Using students from U.S. military academies as attackers, the
    Department of Defense has been running cyber security exercises
    against the National Security Agency, the U.S. Air Force's 92nd
    Information Warfare Aggressor Squadron, and the Army's Land
    Information Warfare Activity.
    
    What they have learned is that the "install-and-patch" system does not
    work, especially against a concentrated attack. Operating systems,
    they have concluded, need to be designed more securely from the
    outset.
    
    Special Response Teams
    
    Federal agencies have been required for two years to report hacking
    incidents or cyber attacks to the General Services Administration's
    (GSA) FedCIRC.
    
    The GSA, for its part, has been pushing for government agencies to set
    up special response teams so that incidents can be reported quickly
    and completely, allowing for detection of trends and establishment of
    effective counterstrategies.
    
    NASA set up such teams in 1993, while the Federal Aviation
    Administration established a team in March, and the Veterans Affairs
    agency has taken steps to follow suit.
    
    "September 11th raised awareness," said Sallie McDonald, assistant
    commissioner for the Office of Information Assurance and Critical
    Infrastructure Protection.
    
    "When agencies started dusting off their disaster recovery plans, they
    realized they need to have cyber-disaster recovery plans, too," she
    said.
    
    As events in Israel recently have shown, one person with a bomb
    strapped to his or her body can take a large economic toll, at an
    incalculable human cost.
    
    An equally fanatical individual, with a little more knowledge and a
    much lighter load, can, if we do not defend against it, use a laptop
    to do unimaginable damage at no personal cost whatsoever.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Fri May 17 2002 - 06:51:51 PDT