Re: [ISN] Cyber terrorism not real: Gartner

From: InfoSec News (isn@private)
Date: Mon Nov 17 2003 - 01:48:04 PST

  • Next message: InfoSec News: "[ISN] Linux Advisory Watch - November 14th 2003"

    Forwarded from: emerson <et@private>
    
    One major problem I see with cyber terrorism, is that it is very hard to 
    distinguish a cyber anything strike, from an accident or service outage.
    
    In order to be effective, any terror strike has to cause immediate
    fear (it's not called terror(ism) for nothing). While you may be able
    to turn out the lights, make the banking system shutdown for a day,
    make peoples phones go funny and so on, it's not in the same immediate
    scare league, as say, a two thousand pound ANFO truck bomb in the
    middle of a crowded shopping district.
    
    even Air traffic control periodically goes wrong, and although the
    reaction to two planes crashing into each other will be bad, it's not
    as bad as using anti-aircraft missiles to blow up a few airliners over
    crowded metropolitan districts.
    
    The aim to make people feel that they and the system are powerless.
    You can change things like Air Traffic Control to make aircrew less
    reliant on it, things can be done about network based attacks. However
    versus the truck bomb, the suicide bomb, the missile and the fanatic
    with a sniper rifle, the perception is that the state and the
    individual is powerless to stop them, and that is what really inspires
    fear. The problem is one of how people view risk and the way the media
    informs our ability to judge the risks we face everyday.
    
    Terrorists are not ingnorant of this, and go for maximum exposure to
    ensure the perception of their abilities is much stronger than their
    often puny real strength.
    
    The thing about network based attacks is that they can make a bad
    thing worse. Take out 911, then do any of the above in order to
    inspire panic.  Take out electricity, then detonate bombs all over the
    place and then watch people panic in the dark. If you time it right
    and in the right place you can cause many many more casualties (see
    bali for a tragic example).
    
    Emerson
    
    InfoSec News wrote:
    
    > Forwarded from: GertJan Hagenaars <isn@private>
    > 
    > Apparently, InfoSec News wrote:
    > % Forwarded from: Fredrich P. Maney <maney@private>
    > % 
    > % InfoSec News wrote:
    > % 
    > % > http://www.zdnet.com.au/newstech/security/story/0,2000048600,20280859,00.htm
    > % > 
    > % > The director, Rich Mogull, told journalists 
    > % > 
    > % > "The goal of terrorism is to change society through the use of force 
    > % > or violence, resulting in fear," he explained.
    > % 
    > % That's just bunk.
    > % 
    > % The goal of terrorism is to bring attention to their cause, thereby
    > % causing some people to change their own personal beliefs and
    > % convictions to those of the terrorists and to eventually bring about
    > % societal change because of that shift in mores.
    > 
    > You are largely correct.
    
    
    -- 
    "For every complex problem there is an answer that is clear, simple, and 
    wrong." ~ H.L. Mencken
    Freelance Thinker:
    Emerson Tan mICDDS, mRUSI
    et@private
    PGP Key Fingerprint: 71E9 0C2A CD8F 44AC 4CA5  BB3D 09D4 0B6E 2734 DC72
    Key available on request or from http://pgp.mit.edu or your favourite 
    PGP keyserver.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Nov 17 2003 - 04:52:03 PST