|
|
In the abstract, fighting a war is simple. The enemy and the targets are
generally identifiable. But in the war against hackers and virus writers, the
combatants are harder to know.
The attacker might be a 14-year-old in Canada, or a co-worker in the
accounting department. "You'll have every type of person" practicing the dark
arts of programming, said Sarah Gordon, a senior research fellow with the
security technology developer Symantec.
As industry and government seek to repel the attacks for which the Internet
is a launching pad, much of the effort involves understanding those who unleash
malicious code and jiggle digital doorknobs. In the world that emerged after the
Sept. 11 attacks, after all, understanding an elusive enemy has become a growing
part of confronting a threat.
Security experts have warned for several years that cyberterrorism presents a
great potential threat to the United States, with its increasing dependence on
computer networks for everything from weapons systems to hydroelectric dams, not
to mention the underpinnings of commerce. Richard A. Clarke, a former White
House adviser on terrorism, warned even before Sept. 11 of a coming "digital
Pearl Harbor."
And new vulnerabilities that could leave the way open to such an attack are
being discovered all the time: according to Symantec, the number of software
holes reported in the nation's computer networks grew by 80 percent in 2002.
Still, the company says it has yet to record a single cyberterrorist attack -
by its definition, one originating in a country on the State Department's terror
watch list. That could be because those inclined to commit terrorist acts do not
yet have the know-how to do significant damage, or perhaps because hackers and
adept virus writers are not motivated to disrupt networks for a cause. But
should the two groups find common ground, the result could be devastating, said
Michael A. Vatis, head of the Institute for Security Technology Studies at
Dartmouth College.
"There is still a big gap in our actual knowledge of our actual
vulnerabilities to a serious attack," he said.
The government is working to close that gap. In the executive branch,
cyberdefense is one of the concerns of the new Department of Homeland Security.
Within the military, a task force with a $26 million annual budget is studying
cyberwarfare for both its defensive and offensive potential, and President Bush
has signed a directive, disclosed in February, calling for the military to
develop policies to govern the waging of digital war. Regular exercises at the
military service academies, most recently last week, prepare students to defend
military networks against hackers.
For now, though, the quarry in such exercises remains elusive. The most
damaging attacks and intrusions, experts say, are typically carried out by
disgruntled corporate insiders intent on embezzlement or sabotage, or by
individuals - typically young and male - seeking thrills and notoriety.
There was, to be sure, the explicitly political Code Red, a self-reproducing
program known as a worm that was unleashed in 2001 to take control of thousands
of computers and force them to block access to the White House Web site by
flooding government servers with data. Many security experts believe that the
program was developed in China in retaliation for the loss of a Chinese jet and
its pilot after a collision with an American spy plane. Once the worm was
detected, a tweak to the numeric online address for the White House Web site
prevented disruption.
Code Red drew attention to cyberattacks as a vehicle for political activism,
said Roger Thompson, the director of malicious code research at TruSecure, a
computer security company. "Instead of doing it to be jerks and show off to
their buddies, they're doing it to make a statement," he said.
Article source and more:
NYTimes *Registration required
|
|
|
 |
|
No Comments Allowed for Anonymous, please register |
|
| |
|
Login |
|
 |
|
|
|
|
· New User? · Click here to create a registered account.
|
|
|
Article Rating |
|
|
|
|
|
|
Average Score: 3
Votes: 1
|
|
|
