Slashdot Mirror
Internet Meltdown Predicted for Tomorrow
Kobalt writes "A few news services are reporting that Russian computer expert, Aleksandr Gostev from Kaspersky Labs, has predicted that a large chunk of the Internet will be shut down tomorrow by cyber terrorists."
Summary: nothing to see here. Move along.
Kaspersky labs says they were misquoted. Quoting from a mail from kaspersky labs themselves (as found in a repost on the NTBugtraq mailing list):
A handful of sites are stating that Eugene Kaspersky, founder of Kaspersky Labs, believes that tomorrow will bring a massive terrorist attack on the Internet. This is being quoted in a range of ways, ranging from factual reporting to citing the story as an example of cyber hysteria.
However, Kaspersky is not predicting the end of the Internet tomorrow - or even in the near future. The story stems from brief comments made yesterday at a press conference which was dedicated to cybercrime and the problems of spam.
At this press conference, Kaspersky commented that the possibility of terrorists using the Internet as a tool to attack certain countries as a reality. As an example, he cited the fact that a number of Arabic and Hebrew language websites contained an announcement of an 'electronic jihad' against Israel, to start on 26th August 2004.
In an interview today, Kaspersky stressed that such information was not necessarily trustworthy. 'We don't know who is behind these statements.' He went on to clarify: 'It's not the first time the term 'electronic jihad' has been used. We've seen this before, with the focus being on sending racist emails, and defacing and hacking Israeli web sites. But it is the first time I have seen sites encouraging the use of Internet attacks against one country as a form of terrorism.'
'As we've already stated many times in the past, it would be easy enough to use a network of infected computers to launch such an attack. We saw the impact that Sasser, Mydoom and Slammer had, on the Internet, businesses and organisations. Just imagine if such an attack was directed at one country or one critical point in the infrastructure of the Internet. Computers are a tool - and just like any tool, they can be used or misused.'
Kaspersky emphasised that the likelihood of a massive attack directed against Israeli institutions tomorrow is low. However, he believes that Pandora's box has now been opened. Hackers and virus writers can be motivated by a range of factors: money, curiosity, or political
conviction. But whatever their motivation, the insecure nature of the Internet and weak security precautions offer a wealth of opportunities. 'Maybe it won't be tomorrow, or the day after tomorrow - but sooner or later, terrorists will be using the Internet as another weapon in their arsenal.'
Speaking at a conference hosted by Russian Information Agency Novosti, Aleksandr Gostev from Kaspersky Labs said information on this terrorist attack was published on special websites. He did not elaborate.
...
The executive director of Dr.Web antivirus lab, Mikhail Bychinsky, quoted by Lenta.ru web agency said he had not heard of such an attack. "I do not believe in mass internet attacks because the main servers are defended, and Kaspersky Labs has been foretelling doomsday for a long time."
A case of cry wolf, most likely. The main question is 'Why the hell?'
I hear there's rumors on the Slashdots
At about 12:15pm on the US east coast, it should be "tomorrow" soon in the Eastern continents. I'll keep a watch on the stats and flip the switch if necessary :P
An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
>Has anyone else noticed a lot of automated (presumably) login attempts for the users 'root', 'test' and 'guest' over SSH?
That started last month. It's a routine rootkit installer. One report is that in addition to trying for stupid passowrds it also attempts the overflow exploit from last year that got fixed in 3.7.1p2.
It is explained clearly by Russ Cooper in this bugtraq post.
I just found they're done by a program called brutessh2. It's a little brute-force scanner like everyone has guessed. You can find the source for it here. Be sure to check your passwords against its password list.
"I assume Russians define it pretty much the same way."
Don't be so sure. I took a terrorism class when I was in college, and we spent the first week or two discussing definitions of terrorism. The CIA, FBI, different dictionaries, different experts, different nations, etc., all have significantly different definitions. There are about a dozen definitions that scholarly papers regularly cite, making the word mostly useless when the definition isn't provided.
G
You mean like this one?
This bulb, in a fire station in Livermore, CA, has been burning since 1901.
Constantly.
One hundred three years.
Here's the webcam.
if the answer isn't violence, neither is your silence / freedom of expression doesn't make it alright
From: news@kaspersky.com [mailto:news@kaspersky.com]
:snipped::
. html for the rest.
Sent: Wednesday, August 25, 2004 10:29 AM
To: news@kaspersky.com
Subject: VirusList.com Virus Alerts & Virus News: 25th August 2004: Who knows what tomorrow will bring?
VirusList.com Virus Alerts & Virus News. Wednesday, August 25, 2004
1. 25th August 2004: Who knows what tomorrow will bring?
2. How to subscribe/unsubscribe
3. Security Rules
****
1. 25th August 2004: Who knows what tomorrow will bring?
A handful of sites are stating that Eugene Kaspersky, founder of Kaspersky Labs, believes that tomorrow will bring a massive terrorist attack on the Internet. This is being quoted in a range of ways, ranging from factual reporting to citing the story as an example of cyber hysteria.
However, Kaspersky is not predicting the end of the Internet tomorrow - or even in the near future. The story stems from brief comments made yesterday at a press conference which was dedicated to cybercrime and the problems of spam.
At this press conference, Kaspersky commented that the possibility of terrorists using the Internet as a tool to attack certain countries was a reality. As an example, he cited the fact that a number of Arabic and Hebrew language websites contained an announcement of an 'electronic jihad' against Israel, to start on 26th August 2004.
In an interview today, Kaspersky stressed that such information was not necessarily trustworthy. 'We don't know who is behind these statements.' He went on to clarify: 'It's not the first time the term 'electronic jihad' has been used. We've seen this before, with the focus being on sending racist emails, and defacing and hacking Israeli web sites. But it is the first time I have seen sites encouraging the use of Internet attacks against one country as a form of terrorism.'
'As we've already stated many times in the past, it would be easy enough to use a network of infected computers to launch such an attack. We saw the impact that Sasser, Mydoom and Slammer had, on the Internet, businesses and organisations. Just imagine if such an attack was directed at one country or one critical point in the infrastructure of the Internet. Computers are a tool - and just like any tool, they can be used or misused.'
Kaspersky emphasised that the likelihood of a massive attack directed against Israeli institutions tomorrow is low. However, he believes that Pandora's box has now been opened. Hackers and virus writers can be motivated by a range of factors: money, curiosity, or political conviction. But whatever their motivation, the insecure nature of the Internet and weak security precautions offer a wealth of opportunities. 'Maybe it won't be tomorrow, or the day after tomorrow - but sooner or later, terrorists will be using the Internet as another weapon in their arsenal.'
See http://archives.neohapsis.com/archives/today/0006
Senior NCO in the fight against entropy. I've seen things, man. Things no one should have to see.....
Multiple MD5 and one SHA0 collisions were confirmed at the Crypto 2004 conference in Santa Barbara. Perhaps more important is that these collisions demonstrated the feasibility of "shortcuts" to produce a collision. At this time, these are belived to be of little practical significance because they are still computationally expensive and affect only collision avoidance. There are two aspects to MD5 and SHA that are important. Collision avoidance is one, the other is preimage resistance (the difficulty creating an input to the function that produces a known output.) However, it is quite possible that these breaks can be expanded into even larger breaks, including preimage cracking.
While not encryption, MD5 and SHA are used in a variety of ways that are important to encryption. For example PGP and GPG use hash algorithms and salt to convert plantext passphrases into pseudo-random encryption keys. So one possible threat is finding that MD5 and SHA are biased enough to make an attack feasible. It does not matter if blowfish uses 128 bit encryption if the function used to generate the key is significantly biased. Big huge "if."
As someone else pointed out, MD5 is used to encrypt passwords in some password files. If someone expands the shortcut to defeat preimage resistance, it might be easier to find a working passphrase from a password file. Again, this is a big "if."
So the one article is blowing things out of proportion. These are not the kind of breaks that would lead to a practical attack yet. The collisions were created using generated plaintexts so it is not likely that someone can slip a trojan into source code in such a way as to produce the same hash string.