Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Most Vulnerable To Cyberattack?

Posted by CmdrTaco on from the also-most-vulnerable-to-american-idols dept.

alphadogg writes "Several nations, most prominently Russia, the People's Republic of China and North Korea, are already assembling cyber armies and attack weapons that could be used to attack other nations. Given that the United States is heavily dependent on technology for everything from computer-based banking to supply-chain tracking and air-traffic control, it's particularly vulnerable to the denial-of-service attacks, electronic jamming, data destruction and software-based disinformation tricks likely in a cyberattack. Here's what ex-presidential adviser Richard Clarke, who is releasing a new book called Cyber War, and others are saying needs to be done to keep cyberwars from escalating into full-scale combat."

3 of 118 comments (clear)

  1. Bill Gates is the "Manchurian Candidate"? by peter303 · · Score: 5, Insightful

    His OS is used 90% of US computers, including military ones. And it security holes you could sail an aircraft carrier through.
    MicroSoft has been more diligent about security lately. But the damage has already been done.

  2. First people have to care about real security... by kbonin · · Score: 4, Interesting

    As nearly anyone working on the "front lines" of security will tell you, most companies don't really care about security past some low level of lip service. Corporate networks [nearly] always have firewalls, but most of the time the IT staff is paid to care more about restricting employees from 'wasting company time' than in managing advanced multi-level defenses (why most networks are 'crunch on the outside, soft and chewy on the inside.') Equipment and software vendors provide password level security, often with authentication integration into LDAP/AD, but rarely support real tokens or PKI's backed by an HSM, as most companies don't want to pay for a real HSM (and with post dot bomb price escalation, that's often understandable - $40k for a 1U server with layered tamper switches and a custom app?) CSO's are treated as a cost center along with the rest of IT, and its often the policy to force people to keep quiet when major breaches occur. Its simpler and cheaper to make sure the board and stockholders don't know how often the databases and repositories are exported to FTP sites in China than to actually make it really difficult to succeed, as real security often costs real money. There's a whole underground industry of targeted penetration, as ethics and patriotism fall to greed - the underlying problems are far deeper than basic "cybersecurity".

  3. Re:FUnny how there's no eviDence... by Seanface · · Score: 4, Informative

    That's an awfully broad statement. There's evidence, though it's mostly based on circumstance. I don't think I need to be linking articles about the China Cyber Attack stuff, or North Korea, as that's all fresh.

    But I'm happy to offer other links from the recent and not so recent past that are relevant.

    Somewhat recent -

    Russian Cyber Attacks on Georgia
    http://blogs.zdnet.com/security/?p=1670

    PowerGrid Vulnerability of the US
    http://www.time.com/time/nation/article/0,8599,1891562,00.html

    In a Galaxy Far Far Away... 1998, a brief description of L0pht testifying before congress.Excerpt included.
    http://hsgac.senate.gov/l0pht.htm

    ""We have become so dependent on communications links and electronic microprocessors that a determined adversary or terrorist could shut down federal operations or damage the economy simply by hacking into our computers. The two General Accounting office reports which will be released at our hearing--one on the State Department and one on the Federal Aviation Administration- -raise serious concerns about the risks to the public because of information security weaknesses.""