Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Security

E-terrorism, Bark or Bite? 172

Posted by timothy from the that-darn-innernet dept.
packeteer writes: "Huge multi-part article on CNET news about electronic terrorism. The article has some interesting scenarios about posible types of attacks. It also has some good info about whats being done to prevent attacks as well as some info about media-hype that's put on 'hackers'. Good read."
This discussion has been archived. No new comments can be posted.

E-terrorism, Bark or Bite? More

E-terrorism, Bark or Bite?

Comments Filter:
  • I honestly find myself worrying more about E-terrorism than I do about some crazy person hijacking a plane I'm on.

    The effects of an e-terrorism attackw would certainly be much more widespread than a conventional terrorist attack. Nearly everything that we depend on in day to day life can be hacked. It's scary thought to have some ill-minded take control of the Hoover Dam or a nuclear power plant.
    • The reason this article is titled "Bark or Bite?" is because it has to do with overblown fears. If you read into it about that dam "hack" was that it was NOT some 12 year old at the controls and was in fact a 27 year old who had no real control over the gates.

      This article is very good in that it shows that E-Terrorism is not a big problem. The big problem is that we are worrying about it all the time and are having our rights taken away. This is why its called "Terrorism". It doesn't do THAT much damage, do you know anyone who was killed on 9-11? im sorry if you do but most of us dont. For most of us the real damage comes from the fears and the irrational actions taken because of them. Its a horrible thing what happened but its also horrible how we are reacting.
  • How many times are we made complacent by media exposure and official fearmongering? Just because it's tiresome to hear about this doesn't mean that some weak spot won't be found and exploited. Whip us into a frenzy!

    • Re:Bite (Score:3, Interesting)

      by irve ( 603789 )
      I in Europe see this as a strange thing. Media in USA just whips and whips up old dust. It's almost a year and the people still are constantly reminded of the thing that happened. Somewhy the people are kept frightened, someone likes it. Perhaps to justify military budget and raise the ratings of certain politicians. Is the threat really so imminent? Has there been a real open investigation? Sometimes I feel the US government is the real terror to the people, not the zeal-driven desperate madmen of Middle-East.
      • Hmmm. Well, perhaps the reason that it's more prominent in the USA is because the largest terrorist attack in this century happened in the USA just about a year ago. Just a thought.

        Granted, the media overplays the whole thing but that is nothing new.

    • Re:Bite (Score:3, Insightful)

      by Boss, Pointy Haired ( 537010 )
      leet hacker: "I could break into your traffic light control system over the Internet and make the lights go green in both directions."

      leet traffic light manufacturer: "No you couldn't."

      leet hacker: "Why not?"

      leet traffic light manufacturer: "Because we have protection in place. Relays physically prevent power being supplied to both red and green lights in opposing directions at the same time."

      leet hacker: "What is the response time of those relays? What if I hacked your box and strobed the lights so fast that they appeared to be still lit?"

      leet traffic light manufacturer: "Ah....."

      • Traffic signal conflict monitors (Score:4, Informative)

        by Animats ( 122034 ) on Sunday September 01, 2002 @11:15PM (#4182346) Homepage
        Traffic signals in the US have a "conflict monitor", a hardwired device that is connected to all the green light power circuits. It's a physically separate box inside the signal controller. If it detects an invalid combination, it drops a relay that switches all the lights to blinking red/yellow. The matrix that indicates which lights conflict is hard-wired on a plug-in board with a matrix of diodes (typically 120 of them) representing each possible conflict. Programming the board is done by physically clipping out diodes.

        Remote reset after a conflict detection is possible for some units, but takes 6-10 seconds, during which period all lights are in blinking red/yellow.

        There's an NEMA spec for this, and this functionality is required.

        Unfortunately, there's a trend towards putting more functionality in the conflict monitor so it can diagnose and report other problems, then giving it some communications capability. This is a concern. But conflict monitors are, intentionally, much dumber than the main controller, which is a full-fledged computer typically running OS-9.

    • There is an article about this in a recent LA Weekly [laweekly.com] that some might find interesting:
  • E-terrorism, FFS, does anybody DIE? No. Its not terrorism.
    • If some e-terrorist was to take control of a dam near you and decided to open all the flood gates, don't you think that would inevitably kill people?
      • Yes, it would kill people, but guess what - the dam shouldn't have been connected to the Internet in the first place! Only a complete retard would hook a dam up so that it could be hacked into from the other side of the world! Why the hell does a dam even need to be part of a WAN?
        • "Why the hell does a dam even need to be part of a WAN?"

          I have a better question: Why would they do that if it wasn't important? It's easy to ask a question like that when you have no bloody clue how the thing even works. But if somebody were to hook up a dam to the WAN, they'd need to have a good reason. Making it useful on the web is not a 'flip a switch' deal.

        • Why the hell does a dam even need to be part of a WAN?

          Did you really mean to ask this question? Of course a Dam needs to be part of a WAN. The Dam controls don't neccesarily need to be, but if the Dam is on the LAN and the LAN is connected to the WAN... Well, that's where the problem starts.

          You're statement makes me think you're all wet. :)

          (and I feel like Dr. Suess)

        • A couple of years ago, a laptop with software and hardware for connecting to and controlling a dam was stolen here in Norway. Even worse, there was no security features, so the system was wide open if someone knew how to start the program and connect by the phone line. Amazing.
        • ok now i know its a long article and im sorry for expecting you to read it all before you flame away but just try it... the "dam hack" was not even close to hurting anyone... there was no chance that this hack was going to cause the flood gates to open... that was utter BS made up out of thin air... read the rest of the article and you might inderstand...
      • If some e-terrorist was to take control of a dam near you and decided to open all the flood gates, don't you think that would inevitably kill people?

        I think anybody who lives under a dam is a fool.

        Would you build a normal house on(under) a river?

    • Re:E-terrorism, it not F***ing terrorism, (Score:4, Insightful)

      by Anonvmous Coward ( 589068 ) on Sunday September 01, 2002 @05:21PM (#4181533)
      a.) Terrorism is not defined by death. Don't believe me? Look it up.

      b.) Your 'point', despite it being horribly wrong, adds nothing to the converstaion. If people maliciously got into a sytem and did harm, they could find creative ways of creating trouble.

      The unfortunate side-effect (For the would be terrorists) is that all it'd do is make our systems more secure.
      • The unfortunate side-effect (For the would be terrorists) is that all it'd do is make our systems more secure.

        Heh... Worked for our airlines, right? (Okay, well the airlines LOOK more secure, I'll give them that.)

        terror

        Intense, overpowering fear. See Synonyms at fear.

        One that instills intense fear: a rabid dog that became the terror of the neighborhood.

        The ability to instill intense fear: the terror of jackboots pounding down the street.

        Violence committed or threatened by a group to intimidate or coerce a population, as for military or political purposes.

        Informal. An annoying or intolerable pest: that little terror of a child.

        While you are technically correct, nothing instills 'intense fear' like death. It's not like people associate that with a tax audit.

        • Actualy, the fear of the possibility of death is more damaging than actual death. When you leave things up to people's imaginations, they generate worst case senarios that are unreal. Why else do you think most of the violence in a Hitchcok film was never on screen? It plays with your mind.
        • Heh... Worked for our airlines, right? (Okay, well the airlines LOOK more secure, I'll give them that.)

          It's rather easier to make something look secure than it is to actually make it secure. There are some reports that airline security is now actually less secure than it was last year.
    • Not very bright, are you?
    • People don't have to die for it to be terrorism.
      But... I think a better question would be. E-terrorism, FFS, does anybody care?
      Bob can't get to his favourite cooking website... Who cares (other than Bob, of course)?

  • People are scared of things they don't understand. (Score:5, Insightful)

    by El Pollo Loco ( 562236 ) on Sunday September 01, 2002 @05:15PM (#4181519)
    Yet the hyperbole about an Internet attack frequently overshadows common sense. On Sept. 11, it took less than 24 hours after four passenger jets were used as weapons of mass destruction for cries of cyberterrorism to emerge as the next great threat, triggering calls for new legislation to broaden the authority of law enforcement agencies.

    This is exactly the problem. Something incredibly bad happens(9/11), and people look for something to blame. What's the biggest rage in the world right now? The Internet. But most people don't understand the internet, computers, and such. As such, the fact that it's a magic black box that is connected to everything means that it's a danger, and needs to be regulated. We need to stop these knee jerk reactions. I'm not saying that security should not be a concern, but all these calls to regulate the entire internet is blatenly irresponisble. Deregulation fosters growth, much the same as kids with tons of rules generally don't grow up to be extremely crazy thinkers. Stop trying to make anything you see into a scapegoat. The problem is not the internet, nor is it brown skinned people from the middle east. The problem is unenlightened human beings.
    • What's the biggest rage in the world right now? The Internet.

      They have the internet on computers now?

      As such, the fact that it's a magic black box that is connected to everything means that it's a danger, and needs to be regulated.

      There is a very real danger in that many systems that have no material reason for being on the internet are accessible from the internet: Maybe the control systems company thought it'd be more economical than using a private frame relay, or they wanted to be able to put in their presentations "Internet enabled". We're talking about the control systems for hydroelectric dams, some power generation and control facilities, traffic control systems, etc. The danger in these cases is very real.

      However, personally I would completely agree that there should be a heavy amount of regulation. For instance, each ISP needs to have some onus of responsibility for the traffic originating from them to peering partners. I'm not saying that UUNet needs to censor alt.binaries.*, but rather that a massive DOS attack originating from UUNet sources should be quenched by UUNet and should not be allowed to saturate the destination. There are a myriad of situations like that where the internet is far too reckless (for instance, as has been mentioned in a million postings otherwise, all ISPs should dump packets which contain functionally invalid source IPs. It's pretty trivial stuff).
    • Don't say this here on /.
      Most people (except some of the trolls) already know that. Talk to your neighbors about this. Tell them to tell their friends, which should tell their friends etc.
    • I completely agree that Internet terrorism is a myth. We also need fewer regulations based solely on the Internet, and more enforcement of the laws we already have in place. Fraud for example is in existence in the real world too, so fraud on the Internet should be dealt with the same as a mail fraud would be.
      People who want to hear some straight talk on Internet security, and the bumbling NIPC that has taken on the responsibility for it, should visit Vmyths.com [vmyths.com] There are great articles there to dispell virus myths, and also documentation of the FBI gaffes from over the years. If e-terrorism were possible, it would have made the news by now, in more than just a "science-fiction" light.
      • Help me educate the masses. The internet is not a new world with a new set of rules. The internet is the same world which we live in now, except is a more accurate representation. Regardless, the same rules of life apply on the internet.

        1) Don't talk to strangers
        2) If it's too good to be true, it is
        3) Hide your valubles
        4) Get ID
        5) Don't be a dumbass
        6) Use common sense

  • Makes you wonder... (Score:5, Insightful)

    by SerpentMage ( 13390 ) on Sunday September 01, 2002 @05:21PM (#4181532)
    The comment was that e-terrorism may occur, but that there would be little loss of life. And I really wonder if the terrorists would attack the network themselves.

    I would tend to think they would attack the source, which would attack the network indirectly. Like the comment about the tree falling on a power line and cutting off electricity for a while in an area.

    Where I think there ought to be more concern is digital theft. Oddly enough we always hear about young hackers breaking into a network and getting caught. Please tell me where the older hackers are? Since I doubt that there are no older hackers. UNLESS, they are successful and do not get caught. Those are the folks that we need to be scared about in digital terms.

    Nut balls like Bin Laden I think are more concerned with killing and general mayhem and anarchy. Sure they may use technology, but that is not their main focus. And I really think that Bin Laden's strength is not high tech, but low tech and sheer simplicity. Like using a plane as a missle. Who would have thought it? What scares me about nut balls like him is that he uses our free societies against us!
    • Old hackers? I thought they called those "security consultants"?

      Why hack when you can make $250/hr?
      • The reason why I mention this is because of an article I read about computer usage among drug lords. Well, if they have that sophistication, what about the real hackers that money launder.

        My thinking is that stealing credit cards is not really that interesting for hackers. Instead I wonder if it is not more interesting for hackers to put in money into the system. Not additional money, but making the money not raise any triggers. Result? Clean money laundering. And that would definitely be worth a WHOLE S**T load of money.

      • Old hackers never die...they simply sell out to the corporations.

    • Nut balls like Bin Laden I think are more concerned with killing and general mayhem and anarchy.

      That's my impression, too. The Internet and computers in general have that "it doesn't work, usually, so get over it" aura, so you can cause hardly any fear by disrupting Internet services, at least among the general public.

    • Re:Makes you wonder... (Score:1, Insightful)

      by Anonymous Coward
      Glad to see you know all about Bin Laden and what makes him tick. I'm positive you must've researched this extensively and had completely unbiased reports of the man to come to such a conclusion. I'll bet there are some government departments who could use your valuable insight in combating the terrorist menace, too.
      • Given that we've seen the sort of resources Bin Laden has at his disposal, the fact that our stockmarket hasn't been shut down, the traffic lights haven't all stopped working ans ATMs aren't spewing cash into the streets, I'd say it's pretty safe to say Bin Laden is more concerned with the elimination of his targets rather than the terroising of them.

    • Worst case scenario (Score:3, Insightful)

      by einhverfr ( 238914 )
      The wors case scenario I could see would be an attack on the communication szstem coupled with an attack on another massive attack.

      The standard phone network could be attacked in a way that could hamper emergency response, as could the 911 centers. Additionally, if one here to hit the internet, the ability of informaiton to circulate immediately would be reduced, thus increasing the level of uncertainty that the terrorism seeks to create.

      Your power plants, air trafic control systems, etc. are hard enough to hack that they fall into the realm of diminishing returns (like chemical attacks) which are much more expensive to pull off than a comparably damaging attack on the communications network.

      Or here is another scenario-- hacking Wall Street and hampering the trading of stocks (think about the economic damage of that one).
      • > Or here is another scenario-- hacking Wall Street
        > and hampering the trading of stocks (think about
        > the economic damage of that one).

        That is one of the things that the attack on the World Trade Center was supposed by the attackers to do. They assumed that destroying the records of the brokerages and investment banks would cause complete chaos in the US financial markets. How likely do you think it is that people who have never heard of off-site backups would be able to crack Wall Street's computers?
        • The most likely scenario for a cyber attack on Wall Street is falsification of ticker data by exploiting vulnerabilities in the "Instant Messaging" systems through which the ticker information is distributed.

          This, in turn, drives computer-driven buying and selling cycles, which draw the rest of the system into a spiral.

          As one example, E*Trade recently announced an association with Yahoo for distribution via Instant Messaging of ticker data to autonomous agents running on user's computers, which would then use the data to may buy/sell decisions based on user specified thresholds.

          Exploiting a system like this would be, if not trivial, at least relatively stright forward.

          -- Terry
        • That is one of the things that the attack on the World Trade Center was supposed by the attackers to do. They assumed that destroying the records of the brokerages and investment banks would cause complete chaos in the US financial markets.

          Since we still don't actually know who carried out the attack, conspiracy theories including the officially endorsed one aside, it's kind of hard to guess at the motives.

          How likely do you think it is that people who have never heard of off-site backups would be able to crack Wall Street's computers?

          If someone were to make this kind of attack they would want to remain unnoticed for quite a while.
    • Like using a plane as a missle. Who would have thought it?

      Yeah who would have thunk it? There are really too many people that actually think Bin Laden was the first person to think of this.

      I suggest you go back and read "The Running Man," written by Stephen King under his Richard Bachman pseudonym in . Lovely part in there about flying an airliner into a skyscraper.

      Also check out "Debt of Honor" by Tom Clancy. Boeing 737 (I believe) kamikazies into the Capitol Building.

      • Using that analogy absolutely nothing is original. Sure it has been mentioned. But what I was trying to point out is that he DID IT! Just because you write it in a book does not mean it can actually be carried out. Books have this nice habit of making things work, because well, its fiction. As they say ideas, a dime a dozen!

    • What the hell, I've got perfect karma, I'm willing to risk getted modded to -1 for a good cause.

      Who would have thought it?

      Give me a break. Anybody with the slightest twinge of intelligence thought of it. I'll admit that excludes about 98% of the people in the world, but still...

      That is what makes it so horiffic. With better training OR stronger cockpit doors OR sky marshals OR a number of other measures, this would have been prevented. However, not a single finger is being pointed at the FAA for any of this.

      What's more, they've known about the plan to do just this since 1995, and even to this day have really not implimented these solutions. What do they do? They make you use plastic forks, as if it's somehow easier to kill with a box-cutter than a sharpened pencil.

  • Obviously there are risks from cyber attacks, regardless of whether they are script kiddies or "eTerrorists". But these scare monger, over hyped "scenarios" have been beaten to death already. This article tries to pass itself off as objective but, it is just more ludicrous hype.

    I'm starting to wonder if these stories aren't plants from the justice department designed to generate irrational fear in order to grease the path of John Ashcroft's next chip at American freedoms.

  • This Just In! (Score:3, Funny)

    by DrugCheese ( 266151 ) on Sunday September 01, 2002 @05:27PM (#4181552)
    E-Terrorist Hackers Foil Local Website

    Arny's Dry Cleaning located at 1010 East Kimberly was recently hacked by hackers. The hacking was carried out by E-Terrorists hackers who left this message: you were hacked by hackers
    The local police and FBI are working togeher to catch the hackers who hacked this out. More at 11
  • While I was reading the articles, I kept imagining this voice in the back of my head. It took me a while to place it, but I did: The voice of reason. Finally! Maybe people will calm the hell down before all the really damaging laws are passed.

  • Does it classify as E-terrorism (Score:3, Insightful)

    by jukal ( 523582 ) on Sunday September 01, 2002 @05:34PM (#4181570) Journal
    if you provoke, scandalize and create hype about E-Terrorism ;)

  • Ack! (Score:1, Insightful)

    by Anonymous Coward
    E-terrorism! Please, take my first amendment rights away so we can fight off this plague!

    • Re:Ack! (Score:2)

      by mpe ( 36238 )
      E-terrorism! Please, take my first amendment rights away so we can fight off this plague!

      Is there enough left of that part of the US Constitution to be taken away.

  • Bite? (Score:2, Funny)

    by Hilleh ( 561336 )
    It's got about as much bite as my 12 year old brother trying to Win Nuke my *nix server because someone in the Yahoo hackers lounge told him it would "totally be pwned".

  • Links (Score:3, Interesting)

    by Taylor_Durden ( 605279 ) <SlashdotTylerDurden@hotmail.com> on Sunday September 01, 2002 @06:01PM (#4181624) Homepage

    Myth [ucsb.edu] of eletronic terrorism (trollish site, but still interesting)
    Definition [techtarget.com] of electric terrorism.
    Tips [tiger.org] on preventing electronic terrorism.
    Opinion [mit.edu] article by a MIT student about overreacting to terrorism.
    First article [codoh.com] I can find mentioning electronic terrorism

  • One Thing to Remember (Score:3, Insightful)

    by Jagasian ( 129329 ) on Sunday September 01, 2002 @06:03PM (#4181631)
    Remember Y2K!

    Remember the hype!

    Remember the scare!

    Don't trust the mainstream media's portrayal of anything related to computers because the mainstream media is created by and targetted towards a very large group of people who do not understand computers. I don't think I need to explain how people tend to fear what they don't understand.
    • > Don't trust the mainstream media's portrayal of
      > anything related to computers...

      And just what _can_ you trust the mainstream media's portrayal of? You know they get computer stuff wrong because you know something about it yourself, but what reason do you have to believe that they get anything else right?

  • Terrorists can't bring down economy with computers (Score:4, Funny)

    by Ilan Volow ( 539597 ) on Sunday September 01, 2002 @06:17PM (#4181669) Homepage
    The venture capitalists and wild stock market speculation beat them to it.

  • if they want people to take any of this seriously, maybe they should break away from the buzzwords. E-Terrorism, give me a break. Cyber is just as bad. I'm not sure if anyone's with me on this, but when I see E anything, I dismiss the article as sensationalist journalism for the ignorant masses and ignore it. Troll me if you will, but this pathetic "it's cool to sound techy, e this and cyber that" trend has to stop.
  • I do this for a living and while the world is filled with urban myths and apocryphal stories the risk is real. Every day sites are knocked over or D0S'd or rendered crippled in some way. Most of them are commercial sites or consumer sites but none the less every site is at some risk and many of them fail every single day.

    We host government sites that get hammered at 24-7. We host exchanges that someone is trying to break. We host DBs and catalogs that have all sorts of 'risk acceptances' documented all clear and pretty where the customer basically says "yeah I know it's a piece of shit but I'm not paying to fix it so just tell the auditors we're willing to accept the risk."

    OK so the proverbial air traffic control system or water treatment plant system or nuclear reactor cooling subsystem hasn't been nuked yet.....

    Sleep tight boys and girls, the future is bright.

    • Stupid eh? Im rubber and your glue....

      Seriously, you making vague job references, and refering to government sites doesnt have a direct correlation to your knowledge any more than someone who has an MSCE is automatically a better computer engineer.

      First off, I dont understand how you claim a site being DoS'ed and taken down is the end of the world. If your site gets corrupted, why are you actually planning to be so majorly impacted? Since you seem to be the expert here, why arent you implementing redundancies and protocols to handle what you seem to think is inevitable? Use redundant servers, some of which are never on a network physically until actually needed. If your sites are under threat from such minimal dangers, its no wonder you werent specific as to the company you run.

      In my state, Illinois, there is not a single nuclear power plant who has an internal network even connected to the internet. The only way to do it would be to send a high pulse of signals, I mean REALLY HIGH, over a network cable to induce a similar voltage in any nearby electrical cables which would then carry it until it came close enough to the internal network cables to also induce a current and then propagate over the network. And even that half-ass, convoluted method would at best, be only a one way connection. Id like to see you open my garage door because my computer in my house is connected to the internet.Technically, but not logisticly, its possible.

      Your just making things up now

      • Ok don't take my word for it. Why do you think that only physical assets are the ones that are threatened? Do you honestly believe that law enforcement systems when splashed wouldn't have an adverse effect on the state of things? How about interbank lending systems? How about aircraft maintenance service record databases? About 100 trillion dollars, that's right, with a T, flow through world financial systems on a daily basis. How MAJORLY a big deal is it to disrupt 3% of that.

        We're not talking about minimal protections we're talking about the cost to implement large scale protections on very large systems that are owned by commercial companies who make judgments on how they want to spend their own money. That is, in lieu of insurance dollars.

        It's time to grow up pal and see how large institutions really manage and measure risk and stop thinking about technical feasibility; majorly, speaking, that is.

        • Frankly, none of those things really concern me. Im 'grown up' enough to make decisions based on realities around me. If ACME airline co, cant secure their own computers against attack, why would I choose to fly on them, or fly at all?

          I dont really care if your stock portfolio goes down because of some over blown 'cyberattack' on any infrastructure, perhaps you should take your own advice...grow up, there are much more important things in this world than money or computers.

          As far as police go, what dilusional system do you live under where you think all police databases are somehow interconnected so much they wouldnt survive if they werent? Is that why a known murderer in one state one day could just get let go after a simple traffic stop in another state the same day? The state I live in has no idea what my driving record was in local municipaliteis in other states.

          Are you afraid of what you would do if your computer went away that much? Are you that much of a bitch of the system? You seem to call yourself so enlightened, why are you behaving like the husband whos wife just turned off the TV in the middle of the big game? You still are making such broad statements that its beyond difficult to take anything you say seriously. I wonder what side you would have been on during the live broadcast of 'War of the worlds"... would you have been the one freaking out because you heard some made up story that someone else was telling?

          Please, do not fall to the falicy that seems so prevelant these days. NO BUSINESS IS GAURANTEED THE RIGHT TO EXIST! If they cant keep themselves running as a biz, its no concern of mine. Another person will fill the hole left from someone elses incompetence, thats the wonder of capitalism. Dont fear change, welcome it, its going to happen anyway.

          why dont you offer any faith in the ability of people to rise to a challenge? perhaps you dont, or cant, but do not extend your fear outward into what you see the world as.

          actually this seems like some strange deja vu of three years ago. When all those 'experts' were warning of meltdowns and planes dropping out of the sky on jan 1, 2000. They all used broad scenarios with zero facts, but a pile of emotional fear-mongering from here to the moon. Its ok to be afraid of technology, or anything that you dont understand. But you must be careful how you react to that fear

          see what happens when I stay up all night working...I string on an arguement with someone I dont even know prolly half way around the globe...hehe

        • OK, so what else is new. Web sites and companies are hacked every day. Power goes out all the time. Data get's lost. Have you ever lived through a 2 week black out in the middle of winter? Believe me, bad things happen, but life goes on. The greatest aspect of humanity is our stubbornness. We dont' know when to give up. The world may crash, but we'd come right back and just rebuild.
    • I disagree with two of your premise...

      First, realize that we have malicious and creative hackers educated in the most creative society and the one with the longest P.C. history. Not the most wired anymore, but due to creativity and culture I'd expect our hackers are among the best. And if the Isreali, Korean, or Indian hackers are better, well, they too have been attacking our corporates, gov't, etc for years. Many teenagers are terrors, if not formally terrorists, for a few energetic years. Anything sensitive already has a LOT of firewalls, failsafes, and protections in place. So I disagree with the premise that there's all that much unprotected and tied-in-together, just waiting for a malicious attack.

      Second, I disagree with the premise that these terrorists pose a reasonable threat in this arena. Their backgrounds tend towards zealotry (of a different sort than common here on /.) and probably wouldn't be compatible with the years of experimentation, playing, and studying needed to master systems hacking. I'm involved with computer security and I have a pilot's license; flying is much much simpler and easier. I also have a physics degree and can comfortably state that building nuclear bombs is, relative to successful system hacking on well-protected sites today, easy. (Realize that nuclear bombs have existed for more than fifty years!)

    • (At first, I thought you were saying that you ignored this for a living. Bad joke, and not the point of this post.)

      You're making one mistake here, the same one that most pundits are making: you're confusing vandalism with terrorism. The difference is in motive. Y'see, most of the attacks are for bragging rights, not to terrify people. Or are you suggesting that the terrorism here is an attempt to scare people away from the Internet? In that case, the media reports themselves are the attack.

      "Terrorism" is getting overused a lot nowadays. A lot of what was called extortion is now called terrorism, and spreading FUD is also now slapped with the terrorism label. Just like "genocide" got devalued to mean any percieved oppression, not just the murder of an entire ethnic group.

      So yes, there are attacks on electronic resources, but the possibilities of mass destruction/murder are not high enough to warrant the T-word.
  • Hijacking planes, blowing up bombs, etc. inspire terror -- people become afraid to go to public areas (in Israel especially), some people are afraid of flying planes, etc. I can't see how "e-terrorism" could possibly inspire the same sort of terror. "Oh, so the online order-tracking system is down? Not like it's the first time this week..."
  • One would think that by now that China and its Renegade Province of Taiwan would have served sufficiently as a laboratory of internet cyber-terrorism. They've been attacking each others' systems for a few years now.

    So far, the result has been some defaced web pages, and the deprecation by both governments of Microsoft software.

    • Of course you can ask which country has dropped the most real go-bang variety of bombs on the most other countries since WWII. Don't trust me, ask Google.

      You can also ask which country has the greatest capacity for cyberwarfare and history of attacking other states with it. Ask Google about "crypto ag" and the NSA. "Echelon" is another nifty search term.

    • I don't think we need to adopt the word choices of the largest totalitarian nation in the world. Let's call Taiwan "Taiwan" or the the "Republic of Taiwan".

  • wrong word (Score:3, Funny)

    by Cyberop5 ( 520141 ) on Sunday September 01, 2002 @07:52PM (#4181903) Homepage Journal
    Everyone knows that the e is dead and i is in... this year's buzzword is iTerrorist.

  • Script kiddies are the worst threat... (Score:3, Insightful)

    by wirelessbuzzers ( 552513 ) on Sunday September 01, 2002 @08:20PM (#4181981)
    Any real terrorist organization will always find it easier to place a truckload of C4 outside a dam and hit the button than to break into the computer and open the floodgates. It is not "easy" for "just anyone" to break into these systems. I would worry more about vulnerable computers controlling these sites being taken out by one of the far-too-many script kiddies, by accident. After all, there are many more script kiddies than terrorists. Realizing his find, some 15-year jackass in New York opens the floodgates of Hoover Dam and kills a million people just for the hell of it, then goes and wanks off with the porn in his other window. Kids these days. But suffice it to say, I'm not too worried about that either.

    What terrorists could do is take most of the internet down with a Warhol or Flash worm, which could be done by terrorists and would take out all vulnerable computers in about a minute. While not killing anyone, this would be horrible for the economy.

    Just my $0.02
  • Did a double take here... anyone else catch the problem with this paragraph (from day 3)?
    Accidental damage to wires and cables by backhoes or other equipment during street work remains one of the most common reasons for floods, power outages and communication disruptions to this day
    Backhoes cause floods? By cutting cables and wires? And this is common? They're wrong, aren't they? AREN'T THEY? I think we might be in trouble... See it for yourself near the bottom of http://news.com.com/2009-1001-954796.html [com.com]
    • I think they mean "water pipes" as well, but their editors obviously don't read anything they put up on the site (maybe their editors can't read...)

      • Yes, a friend of mine brought up that argument also. But when is the last time you heard of a water pipe causing a flood? Perhaps washing over a street yes, but a flood seems like it would take much more water than a 14 inch main would spit out. Definitely can't be that common to cause a flood in this manner.
  • even the soda machines in my dorm are controlled via ethernet (student id/meal card can be used to get beverages). I wounder if it'd be a terrorist attack to h4x0r the soda machines to make them more "friendly"?
  • Attacks on the IT infrastructure are at most going to yield either localised effects, inconvenience, or a loss of confidence for most people. The proper way to incorporate IT in attacks would be the following...

    Identify some critical infrastructure to attack. Find IT related systems that if hacked can slow the response and recovery effort. Set us up the bomb ;) attack the IT systems identified in an appropriate manner, and then release some general malicious software to the net to bog it down so people and responders are hindered yet again. If you really want to have fun, target ASP's providing web-based emergency management solutions specifically - there are a few out there.

    Virtual attacks currently seem to work best when used in conjunction with physical attacks - it acts as a catalyst or force multiplier. I wouldn't be too scared about standalone virtual attacks. What is scary is a combined physical and virtual attack on the power grid in Winter using bombs and taking down control networks via the SCADA's.

    Cheers Gav

    PS and check most definitions of terrorism - they usually single out the use of violence to create fear to achieve political or social objectives. Hacking is non-violent generally.
    • Standard approach in the Shadowrun RPG - have a runner hit the systems and shut down the security while the shooters are moving in through the sewer system...heh, heh, heh.

      Like any Arabs are ever going to be that coordinated...

      Seriously, the main problem with terrorists is their terrifying incompetence - 9/11 was a major suprise to me because VERY few terrorist acts have ever been particularly well-executed...

      The second problem with terrorists is: they never follow up. They try to blow up the World Trade Center incompetently first - then it takes them several YEARS to finally get around to doing the job right. You can't run a terrorist campaign like that - you have to be able to deliver chronic, repetitive blows to the enemy, or it's no more significant than getting hit by lightning...
  • Do Cyberterrorists have matching PowerBalaclavas to match their PowerGloves [dmu.ac.uk] ?
  • Depends. Given the current state of the world in which the US defines "terrorism" as most anything that does not follow the US way of life and commerce the BBS piracy i did ten years ago might well be "e-terrorism". And it was real. So it's a bite.

Slashdot Top Deals

For God's sake, stop researching for a while and begin to think!

Close