* subscribe at http://techPolice.com COMPUTER TERRORISM A RISING THREAT; Scenarios include city black outs, nuclear disasters Marilyn Geewax Washington Bureau Copyright 2001 Dayton Newspapers, Inc. WASHINGTON - Most people think America hasn't been the target of a major attack since Pearl Harbor 60 years ago. Yet every day, foreigners invade U.S. computers and Internet servers, causing economic damage that last year totaled about $17 billion and may be higher this year. So far, these attacks are no Pearl Harbor - but just wait. Pentagon experts say cyber-terrorists may be able to black out cities, shut down financial markets, even trigger disasters at nuclear power plants. Indeed, one computer expert said the "Code Red" worms that continued to slow the Internet last week may have been intended to announce to the world that China can now harm the United States at will. Despite recent frenzied efforts to protect U.S. networks, most analysts think the nation will remain highly vulnerable, because computer-controlled systems are designed to be accessible via the Internet, and the U.S. agency leading the battle against cyber-terrorism has been criticized as ineffective. Scenarios like these, the experts say, are plausible: Using source code stolen from the U.S. Naval Research Laboratory in Washington, hackers disable Global Positioning System satellites, which the government plans to make the primary national navigation source for commercial aviation. Banking, communications, and Internet enterprises relying on the GPS timing signal are disrupted. A terrorist manipulates the control system of a gasoline pipeline to create a "hammering" effect, leading to a leak and an explosion in a major city. When ambulances and fire trucks try to respond, they are thwarted because the system that controls traffic lights has been scrambled and streets are snarled with cars. A terrorist hacks into a nuclear power plant's central computer, where he gains control of the generating process and triggers a disastrous meltdown. Rep. Bob Goodlatte, R-Va., cited this possibility when he introduced a bill allowing U.S. companies to sell powerful encryption software overseas. The General Accounting Office, Congress' watchdog agency, reported this spring that "terrorists or hostile foreign states could launch computer-based attacks on critical systems to severely damage or disrupt national defense or other critical operations or steal sensitive data." Such attacks would exploit weaknesses in computer software or the increasingly complex web of wires and routers that supports the Internet. The GAO said likely targets include the nation's communications system, banks and financial markets, water supplies, transportation systems, pipelines, emergency services and electric power sources. "Today, the right command sent over a network to a power generating station's control computer could be just as effective as a backpack full of explosives, and the perpetrator would be harder to identify and apprehend," concluded the President's Commission on Critical Infrastructure Protection. Military experts and industry analysts say that so far, cyber-attacks mostly have caused economic harm, as in the case of a Welsh teenager who stole 26,000 credit card numbers from nine e-commerce Web sites this spring, causing $3 million in damage. But it may be just a matter of time - and not much time - before political terrorists start replacing thieves and thrill-seeking hackers. Indeed, one computer expert, Gary Sevounts, who tracks the Code Red worm for Hewlett-Packard Co. at its Atlanta office, said this mysterious program may be the nation's first act of cyber-terrorism. The worm was designed to attack the White House's Web site and to leave a message: "Hacked by Chinese." If his suspicions are borne out, Sevounts said, "I think this is only the beginning," because the ability to cripple another nation from the safety of home is "one of the ultimate tools of terror." Threats to the nation's computer-based infrastructure can come from domestic sources as well, said Micheal Erbschloe, vice president of Computer Economics Inc. of Carlsbad, Calif., and author of a new book, Information Warfare . But the growing number of foreign-launched attacks is worrisome. The Department of Defense already is the target of continual invasions. "We're talking about 250,000 intrusion attempts a year on DOD computers alone," he said. "Most of them are domestic and not damaging, but we've had too many incidents of things coming from outside the country to ignore it." Because the United States is the focus of hatred for many terrorist groups, the country's sophisticated computer systems make an especially attractive target for individuals wanting to make a global statement. "In a few years, the preferred choice of terrorists is not going to be blowing themselves up in a car bomb," Erbschloe said. "What we see (with cyber-terrorism) is that it's becoming more organized as time goes by, and it's becoming more destructive as well." While the threats are growing, some believe that the government's top organization for preventing cyber-terrorism, the National Infrastructure Protection Center (NIPC), is not up to the job. The GAO reported this spring that the capability "needed to protect the nation's critical infrastructures have not yet been achieved" by NIPC. Its investigation found that because NIPC has "only limited capabilities for strategic analysis of threats, ... (it) often is not able to provide timely information" on imminent attacks. GAO also concluded that NIPC lacked both staff and technical expertise and sometimes operated amid confusion because its "roles and responsibilities have not been fully defined." The central problem for those charged with protecting the nation from terrorism is that the operators of critical infrastructure use the Internet to communicate, purchase materials and perform many other tasks. But using the Internet is like installing windows in a sealed building. A terrorist could slip in through a poorly guarded "window" to work his way into the computers that control the distribution of electricity, triggering a blackout. In addition, because the Defense Department works so closely with industry on everything from designing communications systems to building aircraft, terrorists could enter the Pentagon through "back doors" left by private contractors. "They always leave 'back doors' because the people who design the systems usually have some sort of maintenance contract that allows them to log on and do work on the system remotely from their offices," Erbschloe said. "The government contractors will say, 'No, we are secure," but we know that (an authorized break-in) can happen," he said. Many of these contractors use foreign workers, tens of thousands of whom are allowed into the United States under the H-1B visa program for high-skilled workers. Despite the GAO's concerns about NIPC's ability to protect critical infrastructure, the agency's reputation may have gotten a boost in recent weeks by taking prompt and highly visible action during the Code Red incident. NIPC worked overtime to coordinate federal and industry efforts to track and slow the attack, said Christopher W. Klaus, founder and chief technology officer of Internet Security Systems Inc., based in Atlanta. "We've all learned a lot from this episode with Code Red," he said. "By working through this crisis, we have been able to forge better relationships" among the companies and government agencies focused on cyber security. Still, some lawmakers want to do more about threats to the Internet. "I don't think we are taking it seriously enough," said Sen. Jon Kyl, R-Ariz., ranking member of the Senate subcommittee on technology, terrorism and government information. Next month, Kyl plans to join Sen. Robert Bennett, R-Utah, in introducing legislation to increase joint federal and private industry efforts to protect critical infrastructures. In addition, the Bush administration is preparing an executive order to create a new umbrella security organization to help protect computers and keep the government functioning in case of a cyber-attack. In coming weeks, President Bush is expected to create a panel of 23 officials representing various federal departments and agencies to coordinate cyber-security policy, help Congress develop legislation and work with private industry groups to protect critical networks. The new panel is not expected to replace NIPC, but rather would join the government's hodgepodge of committees, boards and councils responsible for addressing cyber-threats. Erbschloe said he doubted such a panel would do as much good as giving NIPC more money to hire more staff to track threats and prevent attacks. "The solution is hard work, a lot of diligence and good cooperation, not rhetoric," he said. "And for the most part, when you get big panels, you get rhetoric." On the Web: National Infrastructure Protection Center at http://www.nipc.gov Marilyn Geewax's e-mail address is marilyng(at)coxnews.com ------------------------------------------------------------ Remember Cliff & The Shadows? Then you'll dig The Rapiers -- The Best '60s Band Since the '60s. Join "The Rapiers List" at: http://www.topica.com/lists/rapiers/ --via http://techPolice.com archive: http://theMezz.com/cybercrime/archive subscribe: [EMAIL PROTECTED] --via http://theMezz.com ==^================================================================ EASY UNSUBSCRIBE click here: http://topica.com/u/?b1dhr0.b2EDp2 Or send an email To: [EMAIL PROTECTED] This email was sent to: archive@jab.org T O P I C A -- Register now to manage your mail! http://www.topica.com/partner/tag02/register ==^================================================================