Re: The "Love Bug Virus Attacks," Asymmetric Warfare...

[InfoSec News <isn () C4I ORG>]

Forwarded By: Dan Verton <dan_verton () fcw com>


I found the below article to be somewhat of an oversimplifed analysis
of asymmetric warfare and cyber warfare. The issue of asymmetric
warfare goes much deeper and one cannot possibly analyze the potential
for an "electronic Pearl Harbor" without analyzing the threat and
intent. Aside from a terrorist-like attack (an attack meant to harass
or impair financial markets) why would an organized (i.e. nation
state-sponsored) cyber threat carryout such an attack? The most
practical reason would be as a precursor to another, larger effort,
such as landing troops or masking some other type of physical attack.
What countries are willing and have the intent today to actually
attempt this? There are some, but is it possible? The intelligence
requirements for such a coordinated attack are daunting.

The existence of capabilities alone does not translate into intent nor
does it translate into a degree of probability of success.

Dan Verton




From: ERRI DAILY INTELLIGENCE REPORT-ERRI Risk Assessment Services
Monday, July 10, 2000
Vol. 6, No. 192

The "Love Bug Virus Attacks," Asymmetric Warfare; Future National
Security Implications...

by C. L. Staten, CEO and Sr. Analyst

Emergency Response & Research Institute (ERRI)


Has anyone noticed that the only thing that spread more rapidly than
the so-called "Love Bug Virus" was the proliferation of commentary
about it. In fact, the talk dominated many forums for several days
after the virus was first discovered.  Given this level of interest
that was demonstrated and the estimated BILLIONS of dollars of damage
that was been done by this virus...one has to wonder what the
intelligence and defense community of the United States is doing about
taking a pro-active stance to protect our vital infrastructures??

Although costly to corporate America, it would appear that we as a
country, have again "dodged the bullet" of major damage to our
military and intelligence C4I networks. That may be due to the fact
that most of the known attacks so far have targeted commercial,
business or other internet-related organizations. But, the attacks
that have taken place so far beg a question that must be asked at this
juncture:  What is going to happen when a concerted effort is
undertaken by experts to use denial of service attacks (2), in concert
with viruses, root-cracking, and other computer-based infrastructure
attacks to attack the defense/intelligence establishment of our
country and her security alliances throughout the world??

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".