IMF and World Bank Gatherings Could Prompt Cyber Attacks - FBI

[InfoSec News <isn () c4i org>]

http://www.washingtonpost.com/wp-dyn/articles/A60954-2002Sep24.html

By Brian Krebs
washingtonpost.com Staff Writer
Tuesday, September 24, 2002; 3:32 PM 

The FBI is urging network security experts to be on guard against
cyber protests timed to coincide with planned demonstrations
surrounding this week's meetings of the International Monetary Fund
and World Bank in Washington, D.C.

In an alert sent to hundreds of companies that own and operate the
nation's most vital information networks, the FBI's National
Infrastructure Protection Center (NIPC) yesterday warned that "a small
group that intends to disrupt the meetings with a physical attack may
use cyber means to enhance the effects of the physical attack or to
complicate the response by emergency services to the attack."

"The cyber portion of this attack can be executed by sympathetic
hackers or by mercenary hackers seeking publicity," NIPC said.

Despite the urgency of the warning, the FBI "has no credible evidence"  
of an imminent threat, an agency spokesman said.

"This is really just to put companies on alert to be aware of the
potential for such an attack," NIPC's Paul Bresson said. "In the days
of post 9-11, we'd be remiss if we were aware of a potential threat
and didn't at least put people on notice about it."

Chris Rouland, director of X-Force, the research and development arm
of Atlanta-based Internet Security Systems, said there are no signs as
yet that protesters have turned to "hacktivism," save for one Web site
promoting the idea of a "protester scavenger hunt."

Rouland dismissed the notion that protesters might target the nation's
communications networks or electric power grid.

"Too often, hacktivism is confused with cyberterrorism," he said.  
"These people are trying to send a message, not disrupt cyber
infrastructure."

But he said hackers have shown a penchant for mischief during previous
global finance meetings.

Last year, hackers broke into the Web site for the World Economic
Forum and gained access to a confidential list of 27,000 names,
including credit card and phone numbers for summit participants. In
February, a cyber assault disabled the same site during the forum's
meeting in New York.

"It's very easy to fault these alerts, but overall I think they are
very valuable because they tend to raise awareness of weak spots,"  
Rouland said.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.