As outlined by five security experts and two hackers: Richard Power, an
authority on computer crime and information security; Bruce Schneier, a
cryptography and computer security expert; Kirk Bailey, Mgr. of Information
Security, Frank Russell Company; Chris Davis, a security consultant and
ex-hacker; Robert Giovagnoni of iDEFENSE; and Reid and Count Zero, members of
the Cult of the Dead Cow hacker organization.
Although research firms and the FBI cite huge damage costs from cybercrime,
some experts maintain the true costs are difficult to measure. FRONTLINE
spoke with security analysts Richard Power, Editorial Dir. of the Computer
Security Institute; James Adams, CEO of iDEFENSE; and Howard Schmidt,
Microsoft's Chief of Information Security.
As presented in excerpts from FRONTLINE's interviews with security analysts
James Christy, computer crime investigator for the U.S. Dept. of Defense;
Martha Stansell-Gamm, chief of the U.S. Justice Dept's Computer Crime section;
James Adams, CEO of iDEFENSE; and Michael Vatis, former Ass't Deputy Dir. of
the FBI National Security Division
This 1996 study by the U.S. General Accounting Office estimated the Dept. of
Defense's computer systems had been attacked 250,000 times in 1995 and
potential future attacks could "pose serious risks to national security."
Here's an excerpt describing some of the detected attacks, including the
infiltration of Rome Laboratory, the Air Force's premier command and control
research facility. A 1999 follow-up study concluded the "DOD has made limited
progress in correcting the general control weaknesses we reported in 1996. As a
result, these weaknesses persist across every area of general controls."
In 2000, the FBI's San Francisco Computer Crime Squad and the Computer Security
Institute surveyed information security professionals employed at corporations,
financial institutions, government agencies and universities. The survey
revealed the type of security attacks encountered, what actions the security
people took when they learned of the crime, and why they sometimes chose not to
report the attack.
Cookies have become standard practice on the internet. Not only are they used
by your favorite sites to provide you with a "personalized" experience, they're
also used by marketers and advertising companies. Once you give companies
access to write a cookie on your computer (this results from the 'cookie
preferences' set up you've selected on your browser) then what? Is it harmless?
How far can it go? Kevin Callahan, president and CEO of Seattle security firm
Quavera, helps demystify cookies, web bugs, and other methods corporations use
to keep track of you--and suggests steps you can take to stop or reduce this
Government officials warn that there may be reprisals in cyberspace for the U.S. bombing in Afghanistan. This article explores the possibility of the use of computer attacks by terrorists or other groups as "weapons of mass disruption," which could be used to instigate further disorder following a bombing or other attack by, for example, taking down finiancial or communication systems. Security experts are nervous because they are seeing newer and more powerful types of attacks than ever before.
This Fortune article recounts federal investigations into links between terrorism and the computer world and allegations that a Texas based communications company is providing technical and financial support to radical Islamic groups.
In the wake of the September 11 terrorist attacks, President Bush appointed Richard Clarke as presidential adviser on cyberspace security, as part of the new Office of Homeland Security. This article from Washtech.com provides background on the new position and on Clarke's experience as a computer security expert.
This April 1999 article warns that "cyberspace is becoming a new arena for political extremists" both because the reliance of governments and nation states on new information technologies creates new vulnerabilities, and because those same technologies offer non-state sponsored terrorist groups an efficient means of organizing and communicating among themselves. The article details in particular the use of the Internet by a number of extremist Islamic groups.
In January 2001, Israel's Ben Gurion University hosted a seminar called "Battle of the Servers, Battle of the Hearts" addressing the role of cyberterrorism in conflicts around the world, from Kosovo to the Middle East. This Wired article details the conference, and provides links to participants' web sites and further articles on cyberterrorism in the Middle East.
Among other things, this site for the Computer Crime and Intellectual Property Section of the Department of Justice
includes detailed directions on what to do if you
suspect your site or systems have been hacked. For a U.S. perspective on the
global challenges of cybercrime, read speeches and testimony of several U.S.
authorities, including Janet Reno and other top officials at the Justice
In September 2000 the House Subcommittee on Government Management, Information,
and Technology presented a "report card" which found that the federal
government's computer security overall ranked a D-.
In September 2000 the General Accounting Office released this report on the
readiness of government computers. It concluded that 24 major agencies were
especially vulnerable, posing risks to the operation of the federal government.