Terrorism 101 With Eric Shaw

[InfoSec News <isn () c4i org>]

http://www.computerworld.com/cwi/story/0,1199,NAV47_STO69867,00.html

By DAN VERTON 
April 08, 2002

Eric Shaw, a former CIA profiler and clinical psychologist who now
consults for Stroz & Associates LLC, a cybersecurity firm in New York,
takes Computerworld's Dan Verton inside the minds of terrorists.

There's been a lot of speculation, even before Sept. 11, about the
nation's vulnerability to an "electronic Pearl Harbor," or
cyberterrorist attacks. But there has been little evidence that
terrorists value cyberattacks. What has changed since Sept. 11?

Shaw: There's still little evidence that traditional terrorist groups
place a high priority on cyberattacks vs. using information technology
for communication, command and control, and propaganda. Guns, bombs
and vehicles [such as] trucks, planes and boats for delivery appear to
be quite adequate for their needs, as the Sept. 11 attacks showed.

I am worried that a new operational standard has been set up for
imitation. I think we are going to see more attacks on relatively
unprotected civilian sites and on individuals. The same trend may
occur in this country as terrorists turn away from heavily fortified
government facilities to less protected corporate sites.


Are there any exceptions to the lack of terrorist interest in
cyberattacks?

Shaw: Yes. First, there are several types of nontraditional,
politically motivated groups that cannot at present be considered
terrorists that have utilized low-level cyberassaults, especially
denial-of-service attacks. These groups often are referred to as
members of antiglobalization, hacker, anarchist and other coalitions,
often associated with our political left. They have actively organized
and recruited individuals and groups for cyberattacks against their
identified adversaries.

Second, I am concerned about online or face-to-face recruitment of
disgruntled IT specialists. For example, there were rumors earlier
this year that an al-Qaeda affiliate had placed moles into Microsoft
who had introduced Trojans into Windows XP. Though denied by the
company, think of the potential impact.

The IT field is one of the most international and ethnically diverse
in this country, and its members . . . may represent a very attractive
recruitment pool for terrorist organizations.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.