With US and British forces bombing the Taliban and Osama bin Laden’s
training camps inside Afghanistan, US officials are bracing for other terrorists
attacks. But it’s not just physical attacks they’re worried about. Law
enforcement and security experts are increasingly concerned that the US and its
allies could be in for cyber-assaults as well. Shortly after the attacks on the
World Trade Center and the Pentagon, the FBI issued a warning to tighten
computer security. And on September 22, the Institute for Security Technology
Studies, a government-funded research organization at Dartmouth College, put out
a report warning that cyber-attacks, ranging from defacing websites to
undermining America’s critical information systems, could be launched by
terrorists or hacker sympathizers.
No one expects a digital Armageddon. But the guardians of the Net are on
alert. On October 1, the FBI, along with private security experts, took the
unusual step of publicizing the top 20 ways that hackers tamper with computer
systems. The goal: Make companies aware of potential weaknesses so they know
what steps to take. Richard Pethia, director of the CERT Centers, a
government-funded computer security organization run by Carnegie Mellon
University, took a similar message to Capitol Hill on September 26, testifying
that hacker tools are getting more sophisticated and easier to use.
This is not war games. Officials are worried that tech-savvy terrorists could
do serious damage. In June, hackers were able to gain access to a California
company that distributes power. Last October, pro-Israel and pro-Palestinian
hackers launched a cyber-skirmish. The attacks on Israel, dubbed a cyber-jihad
by the pro-Palestinian hackers, escalated from defacing websites with images of
children mutilated by war to shutting down such sites as the Bank of Israel’s.
So far, no major cyber-attacks have been launched. But experts fear that could
change because vulnerable systems on the Net can be sabotaged in hours by a
determined foe. "These people are very sophisticated in their ability to
plan, execute, and use the latest technology," says Elad Yoran, executive
vice-president for Riptech, a Net security company.
How Secure is the Internet |
|
|
|
|
Data: CERT Coordination Center, General |
The recent Nimda worm underscores the Net’s vulnerability. On September 18,
the worm, a virus-like program that replicates itself, infected and shut down
100,000 computers within 24 hours. Future worms could have "sleeper"
commands that would coordinate widespread activation of the virus with a
conventional terrorist attack.
The events of September 11 have experts reevaluating previous notions about
computer security. Now it’s up to the cyber-cops and vigilant corporations to
protect against the type of terrorism that comes at the speed of light down a
fiber-optic cable.
By Ira Sager in New York, with John Carey in Washington and Jim Kerstetter in San Mateo in BusinessWeek. Copyright 2001 by The McGraw-Hill Companies, Inc