Information Security News mailing list archives

Fighting the worms of mass destruction


From: InfoSec News <isn () c4i org>
Date: Tue, 2 Dec 2003 02:49:31 -0600 (CST)

Forwarded from: William Knowles <wk () c4i org>

http://www.economist.co.uk/science/displayStory.cfm?story_id=2246018

Nov 27th 2003 
SAN FRANCISCO 
From The Economist print edition

WHEN Microsoft released its latest monthly batch of software patches 
on November 11th, it included one designed to repair a previously 
unknown flaw in Windows 2000. Such an event often acts as a tip-off to 
the writers of computer worms and viruses, who know that new patches 
are never applied very widely or very quickly. It is possible that 
this new flaw could herald a series of computer failures at least as 
damaging as those seen earlier in the year. 

Bill Gates, the chairman of Microsoft, once made a habit of using his 
keynote speech at Comdex, the computer industry's top annual trade 
show, to launch his company's "next big thing". Not all of these 
innovations succeeded, though at the time of their unveiling they all 
contained something to excite the industry. But times have changed. Mr 
Gates began his speech at the Las Vegas show this month by unveiling a 
dull bit of software that manages the distribution of security patches 
on a network. He followed this with an almost equally dreary firewall 
and a new spam-filtering initiative. These, rather than glitzy product 
announcements, are the industry's new priorities. Closing loopholes 
exploited by viruses, worms and hackers, said Mr Gates, is "the 
largest thing we are doing".

Eradicating spam is a top priority for the American government too. 
The Can Spam Act made comfortable progress through Congress this week, 
the first piece of federal legislation to attempt to reduce the amount 
of unsolicited electronic garbage passing over the internet. Opinion 
is divided as to how effective the new law will be. But if it works at 
all, it will also help to improve internet security. Spam is often the 
transmitter of computer viruses.


Cyber-louts

The biggest fear is that viruses and worms will be used by terrorists 
to hold societies to ransom. Last year, American spies found a shack 
in Pakistan where it appeared that al-Qaeda had been training hackers 
to break into the computer systems of dams, power grids and nuclear 
plants. Computer failures may have played a role in the vast power 
black-outs in north-eastern America and parts of Canada that occurred 
at the same time.

However, according to Bruce Schneier, a leading expert on network 
security, only one instance so far deserves to be called 
cyber-terrorism. In 2000, a hacker named Vitek Boden broke into the 
computers of an Australian sewage plant and leaked raw effluent into 
rivers and parks, killing fish but no people. However, Mr Boden was no 
ordinary terrorist. Not only had he helped to design and install the 
system that he attacked, but even with his inside knowledge he had 
considerable difficulty breaking in. 

Terrorists may try more sinister acts. Nonetheless, the internet is a 
surprisingly difficult medium for them. Malicious code has the 
potential to cause huge annoyance and disruption. But for people 
intent on carnage and terror, rather than disruption, blowing oneself 
up or similar low-tech methods remain far more attractive.

A better word for the threat of internet crime is therefore 
"cyber-hooliganism", says Mr Schneier. Less than 1% of recent computer 
attacks originated in countries that America considers breeding 
grounds for terrorists; the vast majority came from inside America 
itself. Hackers are more likely to be geeky teens on an ego trip, or 
greedy crooks hoping to steal money online, than Islamic 
fundamentalists.

[...]





-
ISN is currently hosted by Attrition.org
