Information Security News mailing list archives
When Point and Shoot Becomes Point and Click
From: William Knowles <wk () C4I ORG>
Date: Sun, 12 Nov 2000 17:36:02 -0600
http://www.nytimes.com/2000/11/12/weekinreview/12SCHW.html By JOHN SCHWARTZ November 12, 2000 The online world has entered a new phase. At first it was a combination playground, library and meeting house for scientists and soldiers, an inviolate virtual world. Companies later tried to turn it into a mall. Now, it's becoming a borderless battlefield. In recent weeks, the Middle East conflict spilled over into the Internet as Web sites throughout the region have been altered with messages advocating online attacks against other sites, both Israeli and pro- Palestinian in some cases providing the software that make such attacks possible. This isn't the first conflict to see hacker activity; similar incidents have occurred in the Balkans, Russia, Mexico and China. "It's become almost standard practice in any political conflict to see that occur," said Eugene Spafford, a computer security expert who runs the Center for Education and Research in Information Assurance and Security at Purdue University And like the Internet itself, this cyber warfare simply ignores national boundaries. Many attacks on Israeli sites have originated in Pakistan, as did an attack earlier this month against the Web site for the American Israel Public Affairs Committee, a lobbying group. The site was defaced with anti-Israeli commentary. But this exploit took cyberwar a step further: the attacker stole some 3,500 e-mail addresses and 700 credit card numbers, sent anti- Israeli diatribes to the addresses and published the credit card data on the Internet. In an e-mail interview, the Pakistani hacker who took credit for the attack, who uses the online name Doctor Nuker, said he founded the Pakistani Hackerz Club with a friend, "Mr. Sweet," "to hack for the injustice going around the globe, especially with Muslims." He said he published the private information about some of the lobbying group's contributors because "they are the supporters of Israel too." Michael Salberg, a New York lawyer whose personal information hit the Web as part of the attack, said he was shaken by the ability of participants in a faraway conflict to affect him personally. Mr. Salberg said he found it chillingly ironic that he found out about the incident while attending the annual meeting of the National Commission of the Anti-Defamation League, the policymaking and governing body of an organization that opposes the use of hateful speech in the real and virtual worlds. Some call this infowar: the use of high technology and, particularly, the Internet to mount attacks. But much of the recent activity falls under a new buzzword: "hacktivism," a portmanteau term drawn from "hacker" and "activism." Online pundits have long predicted hacktivism would be a force, but it was not widespread until recently, said B. K. DeLong, who works with attrition.org, a nonprofit site that monitors hacking activity. Citing Election Day attacks on Web sites of the Republican and Democratic parties in the United States, as well as the attack on the lobbying group, Mr. DeLong said, "This is the most hacktivism we've seen in months." And while most defacements simply contain semiliterate bragging, the hacktivists aim for a more intellectual effect. The Republicans' site was altered to begin, "As my dear friend Thomas Paine once said, these *are* the times that try men's souls." (The asterisks, a computerese way to add emphasis, were supplied by the hackers and not the Revolutionary-era champion of liberty.) Trying times, indeed. What would Tom Paine say about this? The Supreme Court has declared the Internet the most perfect example the world has yet produced of the marketplace of ideas that the founders envisioned. Yet the founders abhorred those who would shout others down in argument, as the hacktivists do. Recent sites attacked in the Israeli-Palestinian conflict include the Partners in Torah site for Jewish information and the All-Kosher Index of the United Kashrut Authority sites far removed from the conflict and used by people searching for information. By blocking such sites, are cyberwarriors engaging in the equivalent of bombing libraries? That's a minor consideration for Michael O'Hanlon, a senior fellow at the Brookings Institution, who said that today's hacktivism could help military organizations prepare for the worst. "People do you the favor of attacking you so often that you have a chance to build up protection," he said. "Had Israel overlooked the weaknesses still inherent in the Internet and had critical military networks depend on the network, it was leaving itself vulnerable. It's a great way to figure out where your weaknesses are." Amitai Etzioni, a professor of sociology at George Washington University, sees even more good news in the cyberattacks. Perhaps wishfully, he says they move people from the battlefield and into the virtual world, from war, with its real bullets and blood, to pretend war, with its computer game casualties. "If all wars could be so converted," he theorized, "it would be wonderful." Ultimately, Professor Etzioni said, today's attacks are "cybergrafitti." "It may be annoying," he said, "but it's harmless." So far. David J. Farber, an Internet pioneer who serves on the board of the Electronic Frontier Foundation, an online civil liberties group, says that as dependency on the Internet increases, cyberwarriors will do real damage. Businesses will collapse if customers can't reach them online, power grids might be brought down with a mouse click. At some point somebody's going to get the brilliant idea, `Why bomb them? Why not cyberbomb them?' " Mr. Farber said. He sees a day when disinformation experts will plant false rumors online the wartime equivalent of the PairGain scam, in which a stock speculator created a sham financial news item on a Web page that looked like part of a news service's site. "There are going to be a lot of interesting experiments done in this kind of psychological warfare," he said. If war is hell, cyberwar could turn out to be cyberhell. And we're only beginning to discover what that means. [Defaced American Israel Public Affairs Committee site] http://www.attrition.org/mirror/attrition/2000/11/02/www.aipac.org/ *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- When Point and Shoot Becomes Point and Click William Knowles (Nov 13)