Information Security News mailing list archives
Organised exploitation of the information super-highway
From: InfoSec News <isn () C4I ORG>
Date: Tue, 22 Aug 2000 02:29:13 -0500
http://www.janes.com/security/terrorism/news/jir/jir000627_1_n.shtml Forwarded By: security curmudgeon <jericho () attrition org> Janes Intelligence Review 27/06/00 The threat of the lone computer hacker is giving way to the more alarming trend of hacker collectives and the advent of organised cyber-insurgency. Leah James and Jestyn Cooper report. Chernobyl came and went; Melissa caused some consternation, but it was not until the arrival of I Love You that the virus phenomenon made a deep impression on computer users around the world. Within 36 hours of its impact being registered, the so-called Love Bug had infected an estimated five million machines. It was not that this was the most damaging virus to date, nor the most innovative, but it did succeed in drawing unprecedented attention to the dangers associated with the Internet and e-mail. The Love Bug was accredited to a single, disenchanted Filipino computer student. Given the extent of the chaos he created, could not similar means be employed, perhaps to even greater effect, by criminals, terrorists or even rogue states, such as Libya or North Korea? How prepared are law enforcement agencies around the world to meet this potential threat? Despite several years of progress, the capabilities of the hacker are undeniably superior. The lone hacker It has long been held that, in terms of a threat to IT systems, the protagonist would be an individual, skilled and knowledgeable, but at odds with the society surrounding them: typically, a college-educated, twenty-something male who found the challenge of accessing otherwise secure IT networks motivation enough. To complete the stereotype, these young, alienated hackers would invariably be complemented by less opportunistic and more idealistic computer experts, whose disruptive tendencies were but an expression of the computer users commitment to the freedoms of information and speech. To a greater or lesser extent, each of these classic hacker definitions probably account for the majority of those engaged in such activities today. The proliferation of do-it-yourself manuals, both online and in hard copy, offering guidance on a variety of techniques to disrupt even apparently sophisticated networks, has only increased the attractiveness of their domain. Despite the release of over 200 viruses each month in the USA alone, the hackers "propensity for expensive mischief" remains little more than that. Lacking co-ordination, they rarely cause anything more than a headache for businesses and the IT security firms that protect them. The greater danger comes from those with more experience, determination and guile, to whom notoriety (or, as has been alleged in certain instances, financial reward) is often the primary goal. Kevin Mitnick is regarded as a martyr to hackers. A spate of attacks on some of the largest Internet sites, including Amazon.com and CNN, followed the end of a case against him that covered 25 counts of computer and wire-fraud. David Smith, a computer programmer and the source of the Melissa virus, faces up to 10 years imprisonment and a US$100,000 fine. Their exploits encourage those with more malicious intent. [...] ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Organised exploitation of the information super-highway InfoSec News (Aug 22)