RE: Thoughts on The White House Chicago Town Hall Meeting.

[InfoSec News <isn () c4i org>]

Forwarded from: "Lepchenske, Craig L (Raytheon)" <LepchenskeCL () navair navy mil>

Greetings all. I have been reading this newsgroup for a little while
now. I'd like my first comment made on this list to be on the
"cyberterrorism" debate. I hope I don't put my foot too far in my
mouth.

To me, it seems as if cyberterrorism would require a "give or I'll
take" type threat in order to be considered "cyberterrorism". The
examples listed above seem to be a "I'll take and I don't care what
you do or think" type statement only. There were, to my knowledge, no
demands for social or political change in order to stop the denial of
service condition. True, it did cost millions in potential business,
but there were no threats made. So let's take a look at what might be
the definition in The American Heritage Dictionary for
Cyberterrorisim:

"The unlawful use or threatened use of denial of service attacks or
loss of data by a person or an organized group against computers with
the intention of intimidating or coercing societies or governments,
often for ideological or political reasons."

Only a few words changed there, and I'm sure there could be other
unlawful uses or threatened uses, but you get my point. I think many
people have confused that word "cyberterrorism", and the exact reason
why there are some outlandish laws in the works with that word stapled
to them. Some people in congress are confused and wish to call all
acts of hacking cyberterrorism. That would be similar to calling all
murders acts of terrorism. I condone neither, but there is a distinct
difference between plowing a couple of planes into a few buildings and
killing one or two people. One was done by a group intent on
destroying the life the United States stands for. The other, perhaps,
done by an irate or insane person who decided the people he murdered
were in the way, or better dead, or what ever reason.

The people who are conducting the suicide bombings are doing it to
make Israelis afraid of living where they are. The suicide bombers
want the Israelis out so their families can live there (my simplified
view of that situation). The people who launched the denial of service
attack on Ebay are doing it for S n G?

There is a real threat for cyberterrorism, but first would have to
come a threat, "If you don't paint a mustache on the statue of
liberty, we'll launch a denial of service on the NYSE." THAT, is
cyberterrorism.

As for the ethics question, perhaps parents should take the
responsibility there. So many inherent parental responsibilities are
shoved off to the government and to the school systems because parents
can't or wont follow through with their obligations. Eventually, we'll
find that we, as parents, will have little or no say in what our
children learn or do, because we've given most or all of the
responsibility to the school systems.

Perhaps this topic has been worn thin, but it seems to me that people
are still misconstruing that word "cyberterrorism".







-----Original Message-----
From: InfoSec News [mailto:isn () c4i org]
Sent: Friday, May 31, 2002 5:01 AM
To: isn () attrition org
Subject: [ISN] Thoughts on The White House Chicago Town Hall Meeting.

> While terrorism is defined by The American Heritage Dictionary as...

"The unlawful use or threatened use of force or violence by a person
> or an organized group against people or property with the intention of
> intimidating or coercing societies or governments, often for
> ideological or political reasons."

> But many have pointed out that cyberterrorism is a myth, why would
> terrorists want to use the Internet to attack the U.S. and its allies
> when it pushes their goal of terror to walk a homicide bomber into a
> pizza parlor and have all that carnage covered by the major television
> networks dinner-time news.

> You then have to ask the question, what is it if someone is doing a
> massive distributed denial of service attack on the world's financial
> markets? Jim McNulty, the president of the Chicago Mercantile Exchange
> pointed out that last year on the average they were doing over $2.5
> million in transactions per second. Take an eBay like attack like from
> February 2000 of between 1-3 hours and we would be talking of a loss
> of anywhere around $150-500 million dollars on just one institution.  
> Would that be cyberterrorism? I would think so.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.