[ISN] Novel explores U.S.-Iraq cyberwar

From: InfoSec News (isnat_private)
Date: Tue Feb 25 2003 - 05:02:09 PST

  • Next message: InfoSec News: "[ISN] SIP weakness could expose VoIP gear to attacks"

    http://www.fcw.com/fcw/articles/2003/0224/web-cyber-02-24-03.asp
    
    [http://www.amazon.com/exec/obidos/ASIN/0595257496/c4iorg  - WK]
    
    
    By Dan Caterinicchia 
    Feb. 24, 2003
    
    Iraq has launched a cyberattack against the United States, targeting 
    everything from critical infrastructure networks to government 
    systems. Authorities are hamstrung by political and legal impediments, 
    forcing a cyber vigilante to lead a rebel force against Iraq, which 
    makes him the target of the U.S. government as well as the terrorists.
    
    While that scenario is fictitious, it is not nearly as farfetched as 
    it was even a few months ago, and government readers are increasingly 
    interested in what the author of a new novel - "No Outward Sign" 
    (Writers Club Press, November 2002) - has to say.
    
    Bill Neugent, chief engineer for cybersecurity at Mitre Corp., has 
    recently accepted invitations to give talks on cyberterrorism at 
    Sandia National Laboratories and the Department of Veterans Affairs.
    
    Neugent said that although his book is fiction, it examines the 
    concept that industry, government and the public are essentially 
    "naked in cyberspace," with privacy diminishing, identity theft on the 
    rise and financial accounts highly vulnerable.
    
    He added that although cyberterrorism is a real threat, the general 
    public does not share the fear felt in government and industry circles 
    where it is better understood.
    
    "With cyberterrorism, there's not the fear and intimidation like with 
    the sniper.... It's not that gut wrenching," Neugent said. "It's more 
    hollow, like reading the business section and looking at the stock 
    market."
    
    Last month's Slammer worm, which exploited known vulnerabilities in 
    Microsoft Corp.'s SQL Server 2000 database software to generate a high 
    enough volume of work for servers to slow or shut down, was about 250 
    times faster than previous worms. Of the 75,000 machines it affected 
    worldwide, most were infected in about 10 minutes. That speed is 
    "jaw-dropping," and Slammer may be the first of many like it, he said.
    
    But the news is not all bad. Neugent said the Defense Department and 
    government networks did a good job containing Slammer and are far 
    better protected than they were in the past, although "there's still a 
    long way to go." 
    
    One of the most frustrating aspects of cyber protection is that even 
    as industry continues to produce newer and better software and 
    applications, the number of vulnerabilities associated with those 
    doubles every year, he said.
    
    "The dilemma is that with the stronger underpinnings, there are two 
    times as many holes to patch," Neugent said. 
    
    The White House's recently released National Strategy to Secure 
    Cyberspace is a step in the right direction, he said, adding that he 
    is especially pleased that it gives the Homeland Security Department 
    the authority to establish "government red teams" to conduct 
    cyberattack exercises against the nation's critical infrastructure 
    networks and then increase protection through those operations.
    
    As a Mitre employee, Neugent said he shared many passages in his book 
    with his customers - DOD and intelligence community officials - to 
    ensure that nothing in the novel could be used by a terrorist or rival 
    government against the United States.
    
    "I erred on the side of caution because I didn't want to encourage the 
    bad guys, but I did want to nudge the good guys into action," he said. 
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Feb 25 2003 - 08:02:23 PST