Re: Alert issued for China's next cyber attack

[InfoSec News <isn () c4i org>]

Forwarded from: rferrell () texas net

> "We do use our website for outreach and we are sensitive to its
> security. But it's important to put the defacing of Web pages in
> perspective. Admittedly it can be done, even with security measures
> in place, but it's more akin to vandalism than a security threat,"
> said Dr Steven Metz, director of research and chairman of the
> Regional Strategy and Planning Department at the Strategic Studies
> Institute at the US Army War College.

This completely misses the point.  Yes, Web page defacements are just
annoying.  But the process of defacement requires, under most
circumstances, that the attacker gain root access to the victim
machine.  Script kiddies are doing this right and left, as evidenced
by the mirrors of their juvenile defacements.  If it's that easy for a
clueless teenager to get root, imagine what a walk in the park it
would be for a trained operative with governmental or well-funded
terrorist organization backing.

Web defacements are simply the lowest-level indicators of the
widespread failure to implement even fundamental network security
measures.  They are the modern IT equivalent to the canaries miners
once took into the mines with them to serve as early warning for toxic
gas buildup.

This is not to say that there's any reason for panic.  Despite the
loud and shrill cries concerning the horrific consequences of a
fanatic with a laptop, the odds of a cyberterrorist actually killing
people are quite slim.  At least for the foreseeable future, it will
be far easier and more productive to walk into a crowded area and blow
yourself up than sit huddled in a dark room trying to hack into a
utility company, air traffic control system, or 911 network.

What I worry about is not a single event or series of events: it's the
slow, insidious corruption of network integrity by a well-planned and
orchestrated long term effort of a group of dedicated, highly trained
operatives.  A massively distributed denial of service launched to
coincide with some physical attack, for example.  The Internet has
become very important to our communcations infrastructure since its
public introduction a little over a decade ago.  That increasing
dependence has not been accompanied by a concomitant increase in
awareness or the practice of data security.  The more unprotected eggs
we put in the Internet basket, the more likely we are to be
unceremoniously scrambled.

RGF

Robert G. Ferrell
rferrell () texas net



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.