Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

U.S. Fears Al Qaeda Cyber Attacks (A MUST-READ)
The Washington Post ^ | June 26, 2002 | Barton Gellman

Posted on 06/26/2002 3:56:37 PM PDT by Timesink

Edited on 09/03/2002 4:50:41 AM PDT by Jim Robinson. [history]

click here to read article


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-80 ... 101-112 next last
To: Prodigal Son
Another way that they have prevented infiltration is by trusting only relatives with the most vital details. Many of their top dogs are related, directly, by cousins, or by marriage. It's hard to find relatives willing to turn. We have to try, but it isn't easy.

41 posted on 06/26/2002 8:44:02 PM PDT by piasa
[ Post Reply | Private Reply | To 39 | View Replies]

To: Timesink
This is baloney. Communication networks do have flaws, and the flaws can be exploited. But communication networks are not monolithic: different vendors' equipment have different flaws. It would be devilishly hard to mount an attack on a sufficient number of vulnerabilities at the same time. Our NSA might be able to bring down communications in, say, Iraq. But Al Quaida has no practical chance of causing more than one or two U.S. networks to have a temporary outage. Europe's Internet certainly did not fail when KPNQuest was unplugged. If we can survive Bernie Ebbers, Al Quaida hAx0rz have no chance.

What this is is a distraction from serious vulnerabilities like a bioweapon attack or a SAM attack on airliners.

42 posted on 06/26/2002 9:23:40 PM PDT by eno_
[ Post Reply | Private Reply | To 1 | View Replies]

To: Timesink
Oh, and the thing about ASN.1 is just plain laughable and shows what fools the reporters are for letting themselves get spun that way. You could no more bring down a network with ASN.1 than you could a UNIX system with a bootleg copy of yacc.
43 posted on 06/26/2002 9:26:00 PM PDT by eno_
[ Post Reply | Private Reply | To 1 | View Replies]

To: Timesink
Just a few things to share with this thread, since it seems relevant...

My company manufactures control/telemetry equipment for municipal utilities, and we also author a great deal of firmware/software for this equipment. We have been very tuned into the security aspects of these control systems for years now. As you can imagine, we are focused upon this more now than ever.

Have suspicious arabs shown an interest in these systems? Yes. Homeland Security had heard of some inquiries, and they sent us a fax this past winter to be on guard. Also, our company was approached once. A few years ago, a saudi requested detailed information on our control system via email; and we responded with the standard brochures (nothing sensitive). Didn't think much about it at the time, and deleted the email long ago. Also, he didn't like my "foreign business policy"... foreigners pay in advance :-)

This summer, we also observed a man making inquiries to an internet programmers newsgroup targeted toward web server programmers/administrators on Windows platforms. All of his requests focused on finding ways to break into web servers such as Apache, IIS, and Netscape. It became very apparant when looking at all of his posts as a whole. We found that his ip address is in the united arab emirates, and then we notified the FBI with the info. (don't know if they pursued it further.)

Do I think they will hit our water and power supplies? Not really. I have yet to see them take any action which is not based upon killing a lot of people.

Shutting down computerized water pumping stations will not even run people out of water. First, most water systems have a large amount of pressurized storage (water up in the water towers). Second, every piece of industrial equipment that I have ever seen always has "manual" controls in addition to the computers. Could they poison a water supply? Does anyone know how much poison it would take to overcome the dillution of 10's of millions of gallons in a water system? Not likely to happen. Anthrax in the water? The chlorine would kill it. Worst case scenario with water: some people get sick, no deaths. Best case scenario: alqaeda gets shot by the neighbor who lives next to the water tower.

Dam control system disruptions? The filling/emptying of a dam is a VERY slow control processes. "Manual" override would be instituted far in advance of any repercussions.

Power? Power is a lot more vulnerable, because there is no "storage" within the system (as with water). Even a short disruption would be noticed. And power is everything. Actually the best way to shut down a water system is to shut down its power. And why attack the power grid control computers, when much more lasting damage can be done through a physical attack? (Look at what we did to the power system in Yugoslavia). However, although a power shutdown would be pretty darned inconvenient, I still don't see how it is going to kill Americans.

In summary... I don't see alqaeda pursuing this computer hacking angle, because it doesn't kill anybody. These guys are all about killing.

ps. This is just my educated opinion. I'm sure there are smart people who would disagree.... and sorry about the long post. Usually I specialize in short, smartass comments. :-)

44 posted on 06/26/2002 9:33:44 PM PDT by TheEngineer
[ Post Reply | Private Reply | To 1 | View Replies]

To: Grampa Dave
Local officials are only dangerous because local people don't pay any attention to their threatening actions. They have no concept of civics and many don't even have a clue as to our multi-level govenmental systems or what each is responsible, or should be responsible to the people for.

This discussion probably doesn't belong on this thread, but it just cracks me up that people get so excited about some exterior threat and think it is so much more potent than the threat from within. It's all enemies of our Constitution, foreign AND DOMESTIC!!! Mc Carthy was more right than wrong. It's just that he had no class and was crass! Besides, people don't equate sudden death with the enemies of freedom from within. It's slow death instead.

Trite, but true... "Eternal vigilance is the price of freedom!" (still) This terror war is way worse than the cold war ever was!

45 posted on 06/26/2002 9:34:21 PM PDT by SierraWasp
[ Post Reply | Private Reply | To 19 | View Replies]

To: dr_who
Some people here must get an orgasmic high out of being afraid of claptrap that shows up in newspapers. Maybe if they're lucky, there'll be another asteroid on a collision course with Earth when CNN comes to terms with the arrival of another hot, dull August.

Do you actually have a legitimate argument to make as to what's wrong with the article, or are you merely interested in tossing around empty insults?

46 posted on 06/26/2002 9:47:40 PM PDT by Timesink
[ Post Reply | Private Reply | To 10 | View Replies]

To: *AirSec_List; *Bush Doctrine Unfold; *Clash of Civilizatio; *Computer Security In; ...
late night bump and adding to bump lists
47 posted on 06/26/2002 9:57:27 PM PDT by Timesink
[ Post Reply | Private Reply | To 1 | View Replies]

To: Timesink
Well it is a good chance to take a second swipe at the Y2K people. I know some people who will be wiping their ass in 2030 with toilet paper they bought in 1999.
48 posted on 06/26/2002 10:02:37 PM PDT by eno_
[ Post Reply | Private Reply | To 46 | View Replies]

To: Timesink
This is interesting, but if Alqaida hacks this PeeCee thinking that it might control something other than a couple of floppy drives they are doomed to disappointment.
49 posted on 06/26/2002 10:05:07 PM PDT by RightWhale
[ Post Reply | Private Reply | To 1 | View Replies]

To: milestogo
Routed through telecommunications switches in Saudi Arabia, Indonesia and Pakistan, the visitors studied emergency telephone systems, electrical generation and transmission, water storage and distribution, nuclear power plants and gas facilities. Uh-oh..

Maybe not so uh-oh. Isn't the Net a two-way street? Can't we "study" all those systems in Saudi, Paki, and Axis of Evil countries pretty easily? What do you want to bet we already have?

A couple of years ago, World Net Daily reported on a group of hackers, Hong Kong Blonds, who had hacked into Beijing's computers and loused up the Red Army in some pretty interesting and effective ways. So it's being done. Author of articles on Hong Kong Blonds was Anthhony lo Biado (Portuguese name), if you want to look them up.

One little cyber attack, and the USA could retaliate in kind, blowing several nasty little countries off the map altogether. (If they're sophisticated enough to have vital services run by computers.)

50 posted on 06/26/2002 10:08:47 PM PDT by PoisedWoman
[ Post Reply | Private Reply | To 7 | View Replies]

To: Prodigal Son
Sabotage isn't in their rules book.

Mayhem and murder, they think, are. They are wrong about that, but that's what they think.

51 posted on 06/26/2002 10:09:20 PM PDT by RightWhale
[ Post Reply | Private Reply | To 14 | View Replies]

To: concerned about politics
Makes me wonder whether they really want to stop the terrorist. They don't seem to be trying very hard at all. They just keep opening the door for them. I don't understand the logic.

I've been thinking the same thing for a while. We've really made things easy for the terrorists and we don't seem to be in any great hurry to fix it. Scary.

52 posted on 06/26/2002 10:49:08 PM PDT by Vicki
[ Post Reply | Private Reply | To 25 | View Replies]

To: Dog Gone
National resources of the Islamic nations and China may be coordinating. This unholy alliance is the sophistication and cyber shock troops which we must not underestimate. They have read The Art of War.
53 posted on 06/26/2002 10:59:59 PM PDT by SevenDaysInMay
[ Post Reply | Private Reply | To 20 | View Replies]

To: eno_
...another SAM attack on airliners.
54 posted on 06/26/2002 11:05:27 PM PDT by SevenDaysInMay
[ Post Reply | Private Reply | To 42 | View Replies]

To: old-ager
"I have a marketing idea for the credit card companies. Facilitate putting security on such systems by wrapping them in a plain old e-commerce web front end. Then allow operators to log in using their credit cards. Charge the card, say, a nickel for each access. This way, all access is tracked by the credit card infrastructure. For discussion."

Nah. Just install a microscopic ID chip in everyones hand. Much more efficient.

55 posted on 06/26/2002 11:09:09 PM PDT by Windsong
[ Post Reply | Private Reply | To 4 | View Replies]

To: Cachelot; Timesink; SlickWillard; grimalkin; taxbreak; First_Salute
From the article:
"Sources said the government did not learn crucial details about September's Nimda worm... until the stricken companies began firing their security executives."

Do you know what this refers to? What crucial details could they possibly be talking about?

56 posted on 06/26/2002 11:09:40 PM PDT by Mitchell
[ Post Reply | Private Reply | To 9 | View Replies]

To: Prodigal Son
You'd make an excellent Jihadist. In the next life perhaps...
57 posted on 06/26/2002 11:12:00 PM PDT by Windsong
[ Post Reply | Private Reply | To 14 | View Replies]

To: Mitchell
Do you know what this refers to? What crucial details could they possibly be talking about?

I think they're just talking about the plain knowledge that the worm existed, and how to patch their computers to block it. If you go back a couple paragraphs, you'll see the writer's talking about the problems the government is having getting the private networks interconnected with the government's computers to get around to patching their systems, leaving them very vulnerable, and thus leaving the government vulnerable, since they rely on those private companies for many vital communications.

I don't recall there being anything particularly special about the NIMDA worm itself, other than its extreme annoyance factor. But then, I use a Mac and don't have to keep up with such things. *grin*

58 posted on 06/26/2002 11:23:12 PM PDT by Timesink
[ Post Reply | Private Reply | To 56 | View Replies]

To: Timesink
I think they're just talking about the plain knowledge that the worm existed, and how to patch their computers to block it.

No, I don't think that's what they meant.

The existence and virulence of the worm were known very quickly; within just a few hours of Nimda's release, Atty. Gen. Ashcroft was on television to say that the government knew of no connection with 9/11.

The various antivirus companies and security experts analyzed the workings of Nimda extensively and publicized their findings. Microsoft put out a patch for IIS.

None of these things would have been facts that the government did not learn "until the stricken companies began firing their security executives."

Maybe this is just reporter's nonsense, I don't know. Were any security executives fired as a result of Nimda? If so, why?

59 posted on 06/26/2002 11:32:39 PM PDT by Mitchell
[ Post Reply | Private Reply | To 58 | View Replies]

To: Mitchell
Maybe this is just reporter's nonsense, I don't know. Were any security executives fired as a result of Nimda? If so, why?

I have to admit, I have no idea as to the answers to your questions. I suppose you could go to that online chat the reporter is holding later today (I think I posted it somewhere around response 2 or 3 in this thread), or just drop him an email and ask: gellmanb@washpost.com.

60 posted on 06/26/2002 11:37:13 PM PDT by Timesink
[ Post Reply | Private Reply | To 59 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-80 ... 101-112 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson