Slashdot Mirror
Cyber-Attacks?
Galahad2 writes "The Washington Post has a lengthy article about the Bush administration's fears of an Al Qaeda cyber attack on the nation's infrastructure. Though we have all seen this sort of attack as a possiblity for a long time, I'm having a hard time believing that Al Qaeda is capable of anything along these lines." You're not the only one. The article does cite an example of the only known infrastructure attack, a case in Australia where a consultant used his inside knowledge of a local sewage treatment system to dump raw sewage, hoping for a contract to solve the problem he created.
Isn't this exactly what happened with y2k ? Consultants talked up a problem in the hope of being paid to "fix" it.
Whats even more funny is that I remember an incident of a sewage spill during a y2k test in Australia. Is this the same incident?
I know I'm going to hell, I'm just trying to get good seats.
Security in the military is amazing. At least here. Any computer net designed for "Classified" to "Secret" is not allowed to be connected to ANYTHING except a fiber-op LAN. No floppy, no HDD, Windows boots from servers. The parallel and serial ports are removed, keyboard cords are glued to the machine, cabinet locked with padlock... The network I spent most of my time on had nothing more secret than the SSN of several persons, but that info is "Classified" so we had the server in a EMP-safe, TEMPEST-classified locked concrete room. The fib-op was in concrete ducts, the switch cabinets were thin safes, backups were stored in two separate fireproof vaults... I dare you. Hack that server, my guess is that it is next to impossible, primarily because of the NoNet-policy. Any computer connected to the 'net is automatically classified as "Unsafe" no matter what firewall in between. A computer that is "Unsafe" is not allowed to be next to a secure computer(!). This is to avoid human confusion...
What's funny is that shortly after some of the first arm-chair quarterbacking by the networks the White House said "fine... we'll brief you more often". They then began to share more possible threats, particularly those with a lower probability than previously publicly discussed. What happened? The next night on the network news at least one anchor (either Sam Donaldson or Dan Rather I believe) groused that the White House was now sharing too much and causing undue panic.
Uh. Duh.
You can't have it both ways. You either have to let the intelligence community work at things and only inform you of the threats deemed likely to occur, or you have them warn you every time some crank caller picks up the phone. Yes, there's middle ground. But who draws it?
Were there screwups prior to 9/11? Possibly. It's likely that we'll look back on it and say "how could that have occurred?" similar to Pearl Harbor now. But it's being done in a post-mortem fashion -- when you KNOW what to look for it's a helluva lot easier to find it than it is when you have 5 million inputs and only one of them is valid.
Look at the graph titled "Rise in Cyber Attacks".
It shows an exponential rise in the "Number of reported cyber incidents".
Pretty scary, no?
Now read the footnote
*Includes probes, illicit entry and attacks aimed at causing damage or taking control
It's hard to take something like this seriously.
It's like putting up a graph showing "Rise in illegal activity", with a footnote that says,
*includes parking violations, theft, and murder
- SWM