CATASTROPHIC CYBER ATTACK
Digital Hit Men for Hire
Financial Mogul Linked to DDoS Attacks
Catastrophic cyber attack said possible http://www.nando.net/newsroom/ntn/info/100797/info20_8231_noframes.html Copyright 1997 Nando.net Copyright 1997 The Associated Press
Hackers and Security Experts Warn Senate Panel October 7, 1997
Neither industry
nor
government has the means to protect the nation against computer attacks that could shut
down communications and power grids, the chairman of a presidential commission studying the problem said
Tuesday. "While a catastrophic cyber attack has not occurred, we have enough isolated incidents to
know
that the potential for disaster is real and the time to act is now," said Robert T. Marsh, chairman
of
the Commission on Critical Infrastructure Protection. In a speech to the National
Information Systems Security Conference, Marsh said that several government and academic sites that prided
themselves on tight security were targets of a recent e-mail attack. "A flood of e-mail messages
originating in Australia and Estonia -- and routed through the White House computer system -- virtually
shut
down Langley air base's e-mail for hours," he said. In another case, someone in England routing
messages through Latvia, Colombia and Chile and commercial Internet service providers gained access to
computers at Rome Laboratory at Griffis Air Force Base in Rome, N.Y., and "launched attacks against a
wide array of defense and government computer systems," said Marsh. In an interview before his
speech,
the retired Air Force general said that "the tools are available, the knowledge is available to do
serious harm." Marsh's commission is scheduled to give its report to President Clinton next
week.
He said it would recommend far greater cooperation and sharing of information between government and
private
industry, accelerated research and a nationwide program to educate people on the scope of the problem. In
the interview, Marsh conceded that there will be a need to break down reluctance within industry and
government to share
sensitive information. He said there is a need to "devise the means by which the private sector
can in fact be willing to share its information and not fear that it will leak." At the same time,
the
government "is going to have to recognize that in this new era, it's the private sector that
needs
some of this threat information and this warning information." Marsh said the threat comes from a
broad
spectrum of what he called "bad actors," including recreational hackers, organized criminals and
terrorists. "We have found no smoking keyboard," he said, "no evidence of anybody wanting
to
try a debilitating attack on our critical infrastructure." But, he said, the tools to do serious harm
to the nation's infrastructure "are readily available. They can be effectively utilized by people
with only rudimentary skills and basic understanding of computers." He said there is evidence of
"unauthorized penetrations into all manner of automated information technology systems every day of
the
week."
Marsh told the conference that the cyber threat represents a "cultural change" that
requires a concentrated educational effort at all levels from graduate programs to grammar
school. The commission will recommend that the White House sponsor conferences "to spur
new
curricula in computer ethics and intellectual property for elementary and secondary schools." The
commission also is calling for a doubling of federal funding, to $500 million, for research into ways to
combat cyber threats.
Title: Hackers and Security Experts Warn Senate Panel
Author: Jeri Clausing Issue: Security Description:
An elite group of seven hackers who call themselves LOpht Heavy Industries and have names like Mudge,
Space
Rogue and Brian Oblivion, came to Capitol Hill yesterday to warn Congress that computer security is so lax
that they could cut off the entire nation from the Internet in 30 minutes or less. They also could keep
the
global network disabled for so long "it would definitely take a few days for people to figure out
what
was going on," said Mudge. The group told the Senate Governmental Affairs Committee that their goal
was
"to raise the bar," to get companies to develop more secure products. "The committee
praised
the group, all of whom hold real jobs by day, for their efforts, and pushed for answers on what they could
do to make the country less vulnerable to terrorists attacks as the world becomes more and more reliant on
computers."
Knowledge Management - Dr. Seuss Explains Why Computers Sometimes Crash!