Advertisment
Features

Preparing for a Cyber-Assault

author-image
DQI Bureau
New Update

With US and British forces bombing the Taliban and Osama bin Laden’s

training camps inside Afghanistan, US officials are bracing for other terrorists

attacks. But it’s not just physical attacks they’re worried about. Law

enforcement and security experts are increasingly concerned that the US and its

allies could be in for cyber-assaults as well. Shortly after the attacks on the

World Trade Center and the Pentagon, the FBI issued a warning to tighten

computer security. And on September 22, the Institute for Security Technology

Studies, a government-funded research organization at Dartmouth College, put out

a report warning that cyber-attacks, ranging from defacing websites to

undermining America’s critical information systems, could be launched by

terrorists or hacker sympathizers.

Advertisment

No one expects a digital Armageddon. But the guardians of the Net are on

alert. On October 1, the FBI, along with private security experts, took the

unusual step of publicizing the top 20 ways that hackers tamper with computer

systems. The goal: Make companies aware of potential weaknesses so they know

what steps to take. Richard Pethia, director of the CERT Centers, a

government-funded computer security organization run by Carnegie Mellon

University, took a similar message to Capitol Hill on September 26, testifying

that hacker tools are getting more sophisticated and easier to use.

This is not war games. Officials are worried that tech-savvy terrorists could

do serious damage. In June, hackers were able to gain access to a California

company that distributes power. Last October, pro-Israel and pro-Palestinian

hackers launched a cyber-skirmish. The attacks on Israel, dubbed a cyber-jihad

by the pro-Palestinian hackers, escalated from defacing websites with images of

children mutilated by war to shutting down such sites as the Bank of Israel’s.

So far, no major cyber-attacks have been launched. But experts fear that could

change because vulnerable systems on the Net can be sabotaged in hours by a

determined foe. "These people are very sophisticated in their ability to

plan, execute, and use the latest technology," says Elad Yoran, executive

vice-president for Riptech, a Net security company.

How

Secure is the Internet
  • A

    September 12 report found that 24 federal bodies, from Treasury to the

    Pentagon, have computer systems "riddled with weaknesses."

    Hackers could read or tamper with information
  • With the number of bugs and other

    problems in software products reaching an estimated 2,000 per year, tech

    organizations are at a loss to keep up with needed repairs
  • The Internet ties together more than 100

    million computers, leaving hundreds of thousands of machines susceptible

    to a number of different cyber-attacks at any given moment
  • Many cyber-attacks are now so automated

    they spread across the globe within hours. And developing remedies is more

    difficult as attack technology grows more complex

Data: CERT Coordination Center, General

Accounting Office
Advertisment

The recent Nimda worm underscores the Net’s vulnerability. On September 18,

the worm, a virus-like program that replicates itself, infected and shut down

100,000 computers within 24 hours. Future worms could have "sleeper"

commands that would coordinate widespread activation of the virus with a

conventional terrorist attack.

The events of September 11 have experts reevaluating previous notions about

computer security. Now it’s up to the cyber-cops and vigilant corporations to

protect against the type of terrorism that comes at the speed of light down a

fiber-optic cable.

By Ira Sager in New York, with John Carey in Washington and Jim Kerstetter in San Mateo in BusinessWeek. Copyright 2001 by The McGraw-Hill Companies, Inc

Advertisment