http://online.wsj.com/article/SB10001424052970204883304577219543897943980.html By RICHARD A. CLARKE The Wall Street Journal FEBRUARY 16, 2012 For most of this year, Arab-Israeli tensions have been spilling off the streets and airwaves and onto the region's fiber optic cables. Citizen hackers on both sides have engaged in tit-for-tat raids on Israeli, Saudi and other regional computer networks. Stock exchanges, airlines, government offices and even hospitals have had their websites defaced or shut down. Credit-card numbers and personal emails have been stolen and posted on the Internet. One Israeli official has labeled the escalating cyber hostility "terrorism" and called for it to be dealt with as such. It has not been terrorism. No one has died and, so far, nothing has blown up as a result. Indeed, most of the activity has involved the use of relatively commonplace hacker tools and techniques. This ongoing cyber "hacktivism" has, however, demonstrated three things that should cause nations to act. First, the ease with which the hacktivists have been able to steal data and to shut down Web pages suggests that companies (and perhaps governments) in the region have not yet taken cyber security seriously. Governments in other regions (Asia, Europe, North America) have been educating, assisting and regulating companies to improve their cyber security. There has been a notable lack of such government activity in the Middle East, and that inactivity has opened the way for citizen hackers to cause the mischief we see today. If the hackers turn their attention to disruption and destruction, as some have threatened, they are likely to find the controls for electric power grids, oil pipelines and precious water systems inadequately secured. If a hacker causes real physical damage to critical systems in that region, it could quickly involve governments retaliating against each other with both cyber and conventional weapons. Middle Eastern governments need to get their citizen hackers under control and better protect their own critical networks, or they will eventually be dragged into unwanted conflict. [...] ______________________________________________________________________________ Certified Ethical Hacker and CISSP training with Expanding Security gives the best training and support. Get a free live class invite weekly. Best program, best price. www.ExpandingSecurity.com/PainPillReceived on Thu Feb 16 2012 - 00:06:42 PST
This archive was generated by hypermail 2.2.0 : Thu Feb 16 2012 - 00:06:07 PST