Cyber-Attacks?
Galahad2 writes "The Washington Post has a lengthy article about the Bush administration's fears of an Al Qaeda cyber attack on the nation's infrastructure. Though we have all seen this sort of attack as a possibility for a long time, I'm having a hard time believing that Al Qaeda is capable of anything along these lines." You're not the only one. The article does cite an example of the only known infrastructure attack, a case in Australia where a consultant used his inside knowledge of a local sewage treatment system to dump raw sewage, hoping for a contract to solve the problem he created.
Forgotten Y2K fiasco already? (Score:2, Interesting)
Isn't this exactly what happened with Y2K? Consultants talked up a problem in the hope of being paid to "fix" it.
It's not so unique
Re:Forgotten Y2K fiasco already? (Score:3, Interesting)
What's even more funny is that I remember an incident of a sewage spill during a Y2K test in Australia. Is this the same incident?
Re:In summary (Score:5, Interesting)
Security in the military is amazing. At least here. Any computer net designed for "Classified" to "Secret" is not allowed to be connected to ANYTHING except a fiber-op LAN. No floppy, no HDD, Windows boots from servers. The parallel and serial ports are removed, keyboard cords are glued to the machine, cabinet locked with padlock... The network I spent most of my time on had nothing more secret than the SSN of several persons, but that info is "Classified" so we had the server in an EMP-safe, TEMPEST-classified locked concrete room. The fib-op was in concrete ducts, the switch cabinets were thin safes, backups were stored in two separate fireproof vaults... I dare you. Hack that server, my guess is that it is next to impossible, primarily because of the NoNet-policy. Any computer connected to the 'net is automatically classified as "Unsafe" no matter what firewall in between. A computer that is "Unsafe" is not allowed to be next to a secure computer(!). This is to avoid human confusion...
Re:Smart Move... (Score:3, Interesting)
Uh. Duh.
You can't have it both ways. You either have to let the intelligence community work at things and only inform you of the threats deemed likely to occur, or you have them warn you every time some crank caller picks up the phone. Yes, there's middle ground. But who draws it?
Were there screwups prior to 9/11? Possibly. It's likely that we'll look back on it and say "how could that have occurred?" similar to Pearl Harbor now. But it's being done in a post-mortem fashion -- when you KNOW what to look for it's a helluva lot easier to find it than it is when you have 5 million inputs and only one of them is valid.
Re:In summary (Score:1, Interesting)
Internet-connected machines are allowed to sit next to Classified machines, if the person's job requires it. Sharing of the mouse, kybd, monitor is permitted via a labeled KVM (meaning stickers indicating the classification on the switch), and the speakers can be shared if the speaker has two input jacks. Of course, not all machines are able to do this (e.g. Sun & x86 boxes).
Obviously, no microphone on the Internet-connected box. The box is allowed its own disk drives, CD-ROM, hard drives, and even a burner (w/ approval).
Removable disks like CDs or floppies are allowed in Internet-connected machines, however, the moment they are inserted into a classified machine (after virus scan, of course), the disk takes on the classification of the machine (even floppies w/ write-protect tab set, and even CDs in non-writeable CD drives). Store-bought music CDs are even subject to this.
Oftentimes, however, at least at my site, the two machines were of different platform. One was a Sun, the other Windows. Obviously, getting those confused is tough to do. But in cases where they're the same, the desktop must have some immediately distinguishable difference. For example, different colored wallpaper. Most changed the colors of the window edges and the task bar at the bottom of the screen, this way you could tell which box you're using w/ a maximized window.
Hard to take seriously (Score:3, Interesting)
It shows an exponential rise in the "Number of reported cyber incidents".
Pretty scary, no?
Now read the footnote
*Includes probes, illicit entry and attacks aimed at causing damage or taking control
It's hard to take something like this seriously.
It's like putting up a graph showing "Rise in illegal activity", with a footnote that says,
*includes parking violations, theft, and murder
- SWM
FUD (Score:1, Interesting)
We have several SCADA (supervisory control and data acquisition) systems. Yes, they do control a lot of things which, if abused by someone with specific background knowledge, could do serious damage.
We also know that we have been under surveillance from that part of the world. A couple intruders were nearly caught inside one of our more critical installations. Unfortunately, they escaped. Similar instances of on site surveillance have been noted by the FBI. In fact, at one site they were caught, and yes these were men with Middle Eastern ties (I know that doesn't mean much, but I doubt that we'll learn anything more in the near future).
This article has got some awful FUD and irrelevant stuff in it. For example the Al Qaeda computer they found with AutoCAD and Microstran on it is old news. The Australian control system hack case is even older news.
To date, I haven't heard of Al Qaeda successfully attacking anything via the Internet. Despite that, we have plenty of reason to take this threat seriously. Our systems can run independent of the regular intranet and they never touch the internet. Any attacks on us would have to be physical assaults on company facilities.
So a strictly Internet-based attack is highly unlikely. However, like others in municipal utilities, we have a soft underbelly that management knows very little about. They come from all over the world and all walks of life. They have agendas of their own, they're often frustrated and mad as hell.
They're called employees.
Sleep tight.