Re: [ISN] Prospect of Iraq conflict raises new cyberattack fears

From: InfoSec News (isnat_private)
Date: Tue Oct 01 2002 - 02:06:12 PDT

  • Next message: InfoSec News: "Re: [ISN] Start-up banks on hack-proof Linux"

    Forwarded from:
    Cc: DAN_VERTONat_private
    Please see my comments inside.
    > If history is a guide, any Bush administration plan to remove Saddam
    > Hussein from power in Iraq would likely set off a firestorm of
    > hacker activity targeting U.S. networks and infrastructure.
    Pardon my ignorance, but could someone point me to a substantional
    attack against US "infrastructure"? It is well possible that there
    might be an increase in site defacements with anti-US, anti-war,
    pro-Saddam, whatever else messages. Is that an attack on
    infrastructure? I doubt that.
    > And those attacks could be greater in number and affect a broader
    > cross-section of U.S. businesses than anything seen before,
    > according to intelligence experts.
    Then again, they could be insignificant and noticed by noone but the
    good folks at alldas. Which 'experts' are quoted here?
    > However, any significant expansion of the U.S.-led war against
    > terrorism, including an invasion of Iraq, could unleash an
    > unprecedented wave of hacker activity, intelligence and security
    > experts said.
    > A second group includes a mixture of U.S. and European-based antiwar
    > hackers, said Shaw. "Think about [groups] of young, liberal, elite,
    > Western-educated youth [coming out] against the war. It would be a
    > lot smaller than the Vietnam generation but could still be potent,"
    > he said.
    Is there any evidence at all that there indeed IS a group of young,
    liberal, elite, western-educated youth hacking against war in Iraq?
    Other than self- proclaimed patriots defacing web sites, that is?
    > Ruth David, former director of science and technology at the CIA and
    > now CEO of Analytic Services Inc. in Arlington, Va., said an
    > orchestrated attack exploiting well-known vulnerabilities could be
    > launched with little regard for precise targeting, and could cause
    > significant disruption and financial loss to the "softest targets,"
    > the bulk of which are in the private sector.
    This seems to be illogical to me. Either there is an targeted attack,
    a "firestorm" aimed at US infrastructure, or there is an attack with
    little regard for precise targeting (however that my be
    "orchestrated"). Now, the latest Apache worm was pretty much without
    targeting. Does that count as an attack on national infrastructure?
    Has there been "significant" disruption in the private sector?
    > The Bush administration has formally stated that it is the policy of
    > the U.S. to respond to cyberattacks by any means appropriate,
    > including military action.
    I'm sure that the hax0rs of the world fear a cruise missile strike
    against their home while defacing another misconfigured box.
    > "Such an attack could significantly debilitate U.S. and allied
    > information networks," the Dartmouth study concluded. That report
    > was written under the guidance of Michael Vatis, a former director
    > of the FBI's National Infrastructure Protection Center.
    What attack could? The attack on US infrastructure mentioned in the
    first chapter? Or the attack on business ("soft spots")? Or maybe the
    orchestrated non-targeted attack exploiting well-known security holes?
    If it it is possible to disrupt "U.S. and allied information networks"
    exploiting well-known security holes then I'm sorry but they'd get
    what they deserve. Otherwise I can't see a connection between some
    sort of worm, a group of hackers or a bored teenager owning a couple
    of boxes with ssl, sshd or whatever and US military information
    networks, with a DoS being a possible exception.
    > "Since Sept. 11, companies have had to re-examine the various types
    > of crises that can impact them, from bioterrorism to computer
    > terrorism," said Steve Wilson, president of The Wilson Group, a
    > crisis management consulting firm in Columbus, Ohio. "However, it's
    > not just the typical hacker they have to be concerned with now. They
    > can just as easily be a terrorist target as any government
    > installation."
    Do they? How is Sept. 11 connected to this? I've yet to see the
    powerful cyber attack that takes out critical infrastructure or bigger
    parts of the economy in connection with terrorism. Unless a bored
    hacker somewhere in the world DoS-ing an ISP because of some IRC war
    is labelled a "terrorist" these days.
    Best regards,
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Oct 01 2002 - 05:28:51 PDT