MSNBC China a staging ground for computer attacks

"Web sites in China are being used heavily to target computer networks in the Defense Department and other U.S. agencies, successfully breaching hundreds of unclassified networks, according to several U.S. officials."

"Whether the attacks constitute a coordinated Chinese government campaign to penetrate U.S. networks and spy on government databanks has divided U.S. analysts. Some in the Pentagon are said to be convinced of official Chinese involvement; others see the electronic probing as the work of other hackers simply using Chinese networks to disguise the origins of the attacks."

redux [02.26.04]
PC World Who's Guarding the Internet?

""I wouldn't say that the critical infrastructure is fully protected at this point by a long stretch," Stanco says. While the government can protect its own Web sites and servers, protecting its section of the infrastructure won't make that much difference unless the banks, electrical companies, and other major corporations match the government's efforts, he notes.

"I'm not sure private industry's going to do it by itself," Stanco adds."

redux [11.14.03]
News.Com Is cyberterrorism a phantom menace?

""The goal of terrorism is to change society through the use of force or violence, resulting in fear," he explained. "I want to put this cyberterrorism thing to rest. It's a theory, it's not a fact.""

Even though there were examples of attacks that have physical consequences--such as the case of Vitek Boden, sentenced to two years in prison for releasing up to 1 million liters of sewage into the river and coastal waters of the town of Maroochydore, in Queensland, Australia, in 2001--they could not be described as terrorist acts, Mogull explained. To a large extent, it comes down to motive, he said."

Government Computer News Is government ignoring the threat of cyberterrorism?

"Verton criticized the IT security community for what he called appeasement, accepting unacceptable levels of risk and focusing on past threats rather than future dangers.

"This is going to be one of the primary battlefields of the future," he said. "We need to have a discussion of cybervulnerabilities today, before the next failure occurs.""

redux [09.03.03]
The Washington Post Americans Fear Cyberattacks From Terrorists, Study Shows

Nearly half of all Americans surveyed say they are worried that terrorists could launch attacks through the networks connecting home computers and powerful utilities, a study by the Pew Internet and American Life Project found.

Some industry analysts consider this level of concern a triumph of sorts, signifying that their lobbying efforts and public awareness campaigns have had an effect."

redux [08.17.03]
Time An Invitation To Terrorists?

"The bigger risk is a digital attack. Richard Clarke, former cyberspace security czar in the Bush Administration, thinks an attack on the electricity- generating system is more likely to come from computer hackers than bombers. "The power grid is controlled by software, so the question is, Is there a way you can get into the control system?" Clarke asks. "And, yeah, there is."

A skilled hacker could disable a network of several plants without ever entering a facility by seizing digital controls at the point where computers meet the infrastructure they run."

redux [08.01.03]
SecurityFocus Cyberterror fears missed real threat

""Based on what we knew at the time, the most likely scenario was an attack from cyberspace, not airliners slamming into buildings," said Sachs, in an interview after his keynote."

"While he stops short of saying that Washington's cyber terror obsession was a blunder, Sachs acknowledges that, in hindsight, the effort was misdirected. "We had spent a lot of time preparing for a cyber attack, not a physical attack," says Sachs. "Our priorities had to change a little bit.""

redux [06.20.03]
Crypto-Gram The Risks of Cyberterrorism

"The threat of cyberterrorism is causing much alarm these days. We have been told to expect attacks since 9/11; that cyberterrorists would try to cripple our power system, disable air traffic control and emergency services, open dams, or disrupt banking and communications. But so far, nothing's happened. Even during the war in Iraq, which was supposed to increase the risk dramatically, nothing happened. The impending cyberwar was a big dud. Don't congratulate our vigilant security, though; the alarm was caused by a misunderstanding of both the attackers and the attacks."

redux [04.09.03]
Washington Post Ex-Officials Urge U.S. To Boost Cybersecurity

"In his first appearance on Capitol Hill since leaving the White House in February, Richard A. Clarke warned lawmakers against the "dangerous" tendency to dismiss the consequences of an attack on the nation's computer networks.

"For many, the cyberthreat is hard to understand: No one has died in a cyberattack, after all. There has never been a smoking ruin for cameras to see," said Clarke, now a security consultant. "It is the kind of thinking that said we never had a major foreign terrorist attack in the United States, so we never would; al Qaeda has just been a nuisance, so it never will be more than that.""

redux [03.14.03]
BBC Cyber terrorism 'overhyped'

"The threat posed by cyber-terrorism has been overhyped and the net is unlikely to become a launch pad for terror attacks.

That was the conclusion of a panel of security and technology experts brought together at the CeBIT technology fair to consider the threat posed by net attacks on businesses and consumers."

""The hype is coming from the US Government and I don't know why," [Bruce Schneier] said."

redux [03.04.03]
Slate Bush's Cyberstrategery

"How else to explain the credulity with which the Bush administration's National Strategy To Secure Cyberspace was greeted last month? The 76-page document is chock full of what computer-security experts term "FUD"--geek shorthand for spreading bogus "fear, uncertainty, and doubt." Never mind that the hype over alleged "cyberterrorism" has been thoroughly debunked, time and time again. The government's information technology sages still trot out dubious stats in support of a looming "cyberwar," claiming that hostile nations possess legions of computer-savvy shock troops ready to knock out New York's electricity, zap the nation's phone lines, or open up the Hoover Dam.

Yet here we are in 2003, and the cyberterrorism casualty list is still barren. Sure, some Serb hackers slowed down the NATO Web site during the Kosovo conflict, and a couple of Chinese hackers defaced sites in the wake of their country's embassy being bombed. But, honestly, did either incident get you quaking in your Keds?"

redux [02.28.03]
Parameters: US Army War College Quarterly Al Qaeda and the Internet: The Danger of "Cyberplanning"

"We can say with some certainty, al Qaeda loves the Internet. When the latter first appeared, it was hailed as an integrator of cultures and a medium for businesses, consumers, and governments to communicate with one another. It appeared to offer unparalleled opportunities for the creation of a "global village." Today the Internet still offers that promise, but it also has proven in some respects to be a digital menace. Its use by al Qaeda is only one example. It also has provided a virtual battlefield for peacetime hostilities between Taiwan and China, Israel and Palestine, Pakistan and India, and China and the United States (during both the war over Kosovo and in the aftermath of the collision between the Navy EP-3 aircraft and Chinese MiG). In times of actual conflict, the Internet was used as a virtual battleground between NATO's coalition forces and elements of the Serbian population. These real tensions from a virtual interface involved not only nation-states but also non-state individuals and groups either aligned with one side or the other, or acting independently."

redux [02.18.02]
SecurityFocus Richard Clarke's Legacy of Miscalculation

"The retirement of Richard Clarke is appropriate to the reality of the war on terror. Years ago, Clarke bet his national security career on the idea that electronic war was going to be real war. He lost, because as al Qaeda and Iraq have shown, real action is still of the blood and guts kind.

In happier times prior to 9/11, Clarke -- as Bill Clinton's counter-terror point man in the National Security Council -- devoted great effort to convincing national movers and shakers that cyberattack was the coming thing. While ostensibly involved in preparations for bioterrorism and trying to sound alarms about Osama bin Laden, Clarke was most often seen in the news predicting ways in which electronic attacks were going to change everything and rewrite the calculus of conflict.

redux [12.20.02]
Wired News Terrorists on the Net? Who Cares?

"To all those Chicken Littles clucking frantically about the imminent threat of a terrorist attack on U.S. computer networks, a new report says: Knock it off."

""The idea that hackers are going to bring the nation to its knees is too far-fetched a scenario to be taken seriously," said Jim Lewis, a 16-year veteran of the State and Commerce Departments."

""Nations are more robust than the early analysts of cyberterrorism and cyberwarfare give them credit for," Lewis wrote in the report. "Infrastructure systems (are) more flexible and responsive in restoring service than the early analysts realized, in part because they have to deal with failure on a routine basis.""

redux [10.29.02]
MSNBC Worries of a cyber war

"Politically motivated hack attacks are rising "sharply," London-based computer security firm mi2g said Tuesday, citing in particular the rise of what it called "Islamic interest hacking groups." And while political hacks account for just a fraction of all hacking activity, security experts worry that may soon change."

"October, mi2g said, has already qualified as the worst month for overt digital attacks since its records began in 1995, with an estimated 16,559 attacks carried out on systems and Web sites."

redux [09.18.02]
News.Com Government unveils cybersecurity plan

"CSIS analyst Arnaud de Borchgrave, a former editor-in-chief of the Washington Times and United Press International, warned that a "cyberattack" was just around the corner.

"It is later than we think. The next generation of transnational terrorists understands that a hand on a mouse can be more lethal than a finger on the trigger," said de Borchgrave, who co-authored a report that concluded: "Cyberattacks now arise whenever disputes occur anywhere in the world...Can cyberterrorism and cyberwar be far behind?""

redux [08.14.02]
ZDNet Is the U.S. headed for a cyberwar? I doubt it

"THE FIRST THOUGHT that comes to my mind when people mention cyberwar is: What kind of attack are they really talking about? We've seen Web page defacements traded between Palestinian and Israeli cyberactivists. The Yaha worm, thought to have originated in India, recently caused a distributed denial-of-service (DDoS) attack on the Pakistani government's main Web site. In the grand scheme of things, however these are relatively minor inconveniences compared with a major military ground or air attack."

"No one has ever made it clear to me exactly what a cyberwar would entail--and I'm betting I'm not the only one who's confused here. "

The Register Mock cyberwar fails to end mock civilization

"A mock cyberwar enacted by faculty of the US Naval War College and analysts from Gartner does not appear to have fulfilled the Clancyesque predictions of mass devastation envisioned by the leading security paranoiacs of the Clinton and Bush Administrations.

The exercise, named "Digital Pearl Harbor," apparently in tribute to US CyberSecurity Czar and Chief Alarmist Richard Clarke, brought together a team of experts in several areas related to critical infrastructure for a three-day hackfest."

redux [10.04.01]
First Monday Networks, Netwars, and the Fight for the Future

"Netwar is an emerging mode of conflict in which the protagonists - ranging from terrorist and criminal organizations on the dark side, to militant social activists on the bright side - use network forms of organization, doctrine, strategy, and technology attuned to the information age. The practice of netwar is well ahead of theory, as both civil and uncivil society actors are increasingly engaging in this new way of fighting. We suggest how the theory of netwar may be improved by drawing on academic perspectives on networks, especially those about organizational network analysis. As for practice, strategists and policymakers in Washington and elsewhere have begun to discern the dark side of the network phenomenon - especially in the wake of the "attack on America" perpetrated apparently by Osama bin Laden's terror network. But they still have much work to do to begin harnessing the bright side, by formulating strategies that will enable state and civil-society actors to work together better."

The New York Times Securing the Lines of a Wired Nation
[requires 'free' registration]

""People aren't going to be killing us with computers," Mr. Hunker said, "but our life may be hell because of computer attacks."

The likeliest use of the technology, he said, would be to complicate matters further after a real-world attack, a tactic he describes with the military phrase "force multiplier." That could involve planting false information on the Web to create a panic or taking down crucial computers in the financial or communications sectors."

redux [08.19.01]
AsianWeek Get Ready for Cyberwars

""Taiwan has one of the world's largest computer software and hardware manufacturing bases," said D.K. Matai, managing director of the British-based Mi2. "The computer software programmers in Taiwan are world class. Our view is that getting involved in any kind of conflict with Taiwan, given the kind of intellectual capacity the country has, may prove detrimental."

The Chinese government has been quite open about its future strategic military objective. In paper appearing in the spring issue of China Military Science journal, a member of the Chinese Committee of Science, Technology and Industry of the System Engineering Institute, wrote: "We are in the midst of a new technology in which electronic information technology is the central technology. The technology provides unprecedented applications for the development of new weaponry...Military battles during the 21st century will unfold around the use of information for military and political goals.""

redux [09.06.00]
Rand Corporation In Athena's Camp: Preparing for Conflict in the Information Age

"The thesis of this think piece is that the information revolution will cause shifts both in how societies may come into conflict, and how their armed forces may wage war. We offer a distinction between what we call "netwar" -- societal-level ideational conflicts waged in part through internetted modes of communication -- and "cyberwar" at the military level. These terms are admittedly novel, and better ones may yet be devised. But for now they illuminate a useful distinction and identify the breadth of ways in which the information revolution may alter the nature of conflict short of war, as well as the context and the conduct of warfare.

While both netwar and cyberwar revolve around information and communications matters, at a deeper level they are forms of war about "knowledge" -- about who knows what, when, where, and why, and about how secure a society or military is regarding its knowledge of itself and its adversaries."

redux [01.04.01]
MSNBC Bytes without the blood in Mideast

"Scenes of street violence are played out day after day in Palestinian towns across Gaza and the West Bank. But another modern-day arena for battle between the Palestinians and the Israelis is growing ever more heated, so much so that the Internet war waged by computer-savvy political activists is being dubbed an "e-Jihad.""

redux [03.22.00]
CNN Kashmir conflict continues to escalate -- online

"A group of Pakistani hackers has used the conflict in Kashmir as a reason to deface almost 600 Web sites in India and take control of several Indian government and private computer systems, according to the group."

"Unlike the majority of Web vandals, the MOS members say they secretly take control of a server, then deface the site only when they "have no more use" for the data or the server itself.

"The servers we control range from harmless mail and Web services to 'heavy duty' government servers," says the MOS representative. "The data is only being categorically archived for later use if deemed necessary."

The Christian Science Monitor Wars of the future... today

"Take the NATO bombing of the Chinese embassy in Belgrade several weeks ago. Rage spread across China and hackers from the mainland attacked the Web sites of the US Departments of Energy and the Interior, and the National Park Service. A subsequent attack brought down the White House Web site for three days. The attacks generated headlines across the country.

What the news media didn't report was that the US government had known for a long time that someone had been in its computer systems - they just didn't know who. Then, in a fit of anger, the Chinese hackers caused some real damage - and gave away the hidden "location" of several "backdoors" they had built in US government networks."

"The US Government Accounting Office estimates 120 groups or countries have or are developing information-warfare systems. According to a report issued by the Center for Strategic and International Studies, 23 nations have cyber-targeted the US."