Interesting People mailing list archives
IP: TST on Cyber Terror Inquiry
From: Dave Farber <farber () central cis upenn edu>
Date: Wed, 15 May 1996 09:35:09 -0400
The Sunday Times (London), June 9, 1996, p. 1/8 Secret DTI inquiry into cyber terror [Insight Column] The government has been holding a secret investigation into attacks by "cyber terrorists" on the City of London for more than two years. The Department of Trade and Industry (DTI), Bank of England, GCHQ, the secret listening station, and the Defence Research Agency (DRA) are involved in the inquiry. The existence of the investigation, which began in April 1994, emerged after The Sunday Times revealed last week that banks, broking firms and investment houses had paid millions of pounds to gangs that threaten to wipe out computer systems. Correspondence from the investigating authorities, seen by Insight, include letters from civil servants saying they are "extremely concerned" at the evidence of extortion demands. Yesterday the DTI issued a statement confirming the inquiry and suggesting its work had been hampered by the lack of co-operation from City institutions. "We are very interested in the allegations of extortion directed at City of London institutions which were brought to our attention in 1994. We responded then by involving many government organisations, including the DTI, the police, the Bank of England and other agencies. So far, we have not been presented with any hard evidence from victims. We would urge those threatened to come forward," a spokesman said. In one letter, dated May 1995, David Hendon, director of DTI technical affairs, wrote to a company specialising in computer security work stating that he was taking the City extortion issue "extremely seriously". Insight has since seen the evidence passed to the DTI and GCHQ which sparked the investigation. In 1994, a consultant working for a company which undertakes computer risk assessments for City institutions compiled a table of 46 attacks on banks and finance houses in New York, London and other centres, starting in January 1993. The list included details of raids on three British banks and one American investment house. The documents suggested that operations in the futures markets had been a focus for some of the attacks. Documents sent by the DRA, from the office of Professor David Parks, a senior director, indicate that the agency is especially interested in the "weaponry" deployed by the cyber terrorists. The agency believes high-intensity radio frequency (HIRF) guns may have been used to black out trading positions in City finance houses. The weapon disables a computer by firing electromagnetic radiation at it and is a "black programme" at the defence ministry, one of the highest security classification levels. Last December, Parks approached a company which specialises in defensive measures against information warfare and carries out work for GCHQ. For a L30,000 fee it was asked to arrange a demonstration of a portable HIRF weapon in Germany. Details of the HIRF weaponry and its use in the City have also been compiled by Computing magazine, which intends to pass them to the DTI and other authorities. [End] ---------- [Related column, p. 2/4] Held to ransom by superhighway-men Private Account [Column] By Jeff Randall Forget Butch Cassidy and the Sundance Kid, the world's financial institutions have a new type of bank robber to deal with -- the cyber terrorist. Before you start thinking it sounds like science fiction, consider this: the Department of Trade and Industry (DTI) this weekend confirmed there is an official investigation into "raids" by gangs of computer experts who threaten to wipe out electronic information and trading systems, unless they are paid off. The DTI spoke out after last weekend's scoop by the Sunday Times' Insight team revealing that some of London's best- known institutions have paid huge ransoms to "electronic highwaymen" to prevent the meltdown of computer networks. These revelations have sent a shiver up the spines of the City's top banks. Financiers are terrified the emergence of a gaping hole in their systems will cause a loss of investor and customer confidence -- and rightly so. Can you imagine calling your stockbroker to buy a few thousand ICI shares, only to be told its entire information bank had been blown away by a Dick Turpin with a PhD in electronic engineering? If, like me, you know nothing about computer technology, and care even less, the temptation is to dismiss the problem as the creation of Arthur C Clarke. But the DTI has acknowledged for the first time that an investigation into these "attacks" has been under way for two years. The Bank of England and GCHQ, the government's secret listening station, are working alongside the DTI in the inquiry. Agencies in Britain and America believe there have been more than 40 raids on investment firms in New York, London and other European financial centres since 1993. Victims are understood to have paid up to L13m a time after blackmailers showed their ability to bring electronic trading in shares, bonds and commodities to a halt. Futures-market systems have been a favoured target of the space-age bandits. In some cases, the blackmailers have used technology developed by military scientists. But here is the paradox: the DTI has been hampered by the reluctance of City firms involved to co-operate. Extortionists have so frightened the investment houses, they fear reprisals if they are discovered helping official agencies track down the gangs. There is also concern that an admission of the threats would diminish confidence in the banking system and create a loss of face for the victims. A banker told Insight: "You will never get a financial institution to admit it has an extortion policy, let alone that it has paid money." That begs the question: who in London has paid up? Insight has been told of at least four blue-chip firms caving in to extortionists. For the time being, we have agreed to keep certain information confidential to preserve the integrity of the institutions while the agencies investigate. But the names will eventually surface, and then there will be some serious explaining to do. [End]
Current thread:
- IP: TST on Cyber Terror Inquiry Dave Farber (May 15)