Forwarded from: security curmudgeon <jerichoat_private> > The following message from Richard Clarke is forwarded: > > From: Richard Clarke > To: All ISAC's > > The events of the last weekend demonstrate yet again how vulnerable > our society is to cyberspace attacks. The Sapphire Worm was > essentially a dumb worm that was easily and cheaply made. It > attacked only one vulnerability on one piece of software from one > vendor for one type of machine. Moreover, that vulnerability was one > for which a patch had been available for many months. Nonetheless, > the results of the worm were significant. It spread to hundreds of > thousands of machines in less than 15 minutes. It disabled some > root servers, the heart of internet traffic. Although it was aimed > at servers, it caused routers to flop and cease to function. Some > airline flights were delayed or cancelled. Some banking functions > ceased. A national election/referendum in Canada was canceled. > Workers were sent home at some major US companies. Anyone else find this deeply disturbing (read: pathetic)? Disabled root servers? Uh.. who is responsible for these servers? The ones that are a vital part of the backbone of the net? Why aren't they being bitch slapped for negligence? They run one of the most vital pieces of the puzzle we call the Internet, and a six month old microsoft vulnerability can bring them to their knees? Anyone else see this as a problem? Airline flights were delayed or cancelled? Could someone please make public which airlines are f*cking stupid enough to use the internet for ANY part of their operation? Which of these geniuses decided that the cesspool of 1's and 0's was a good option for routing their traffic? If these aren't the airlines mid bankruptcy I'd be shocked. Banking functions ceased? Is this reference to the network of ATMs that were suddenly unavailable? Can anyone else remember when ATMs were not a part of daily life, and withdrawing cash began with "Hi I'm fine today, I'd like to withdraw money from my checking account?" Why are these banks relying on a network encumbered by DoS attacks, spam, online games and pornography, to route and handle their important traffic? A national election/referendum in Canada was canceled eh? Oh lordy not that! Why was a *national* election of any sort relying on the *global* internet in any way? Last I checked there was no method for online voting that met scrutiny of all parties as far as security and reliability were concerned. So why is this national election impacted by insecure global technology exactly? Workers sent home at some major US companies? Because of the SQL/Sapphire/Slammer worm, workers had to miss a few hours out of the 2000 work hours of the year. The same companies that are reluctant to let these employees go to funerals or take care of sick relatives in fear or paying them for time not spent working? Oh no! These workers getting a few hours off sounds like a good thing to me. As usual, I think we've lost our perspective on what this worm really did. We're long past pointing fingers at Microsoft, lazy admins, full disclosure or anything else. Businesses have some incredibly masochistic desire to utilize the Internet for their operations, instead of using it as a limited route for customer exposure or convenience. Insisting on taking unpaved road then crying like a bitch when you hit a rock is absurd. Vulnerabilities are discovered, systems are left unpatched, mass hysteria and global panic ensues. When will we realize that history is destined to repeat itself and these events will happen again and again? - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Feb 03 2003 - 01:26:07 PST