Forwarded from: William Knowles <wkc4i.org>

http://www.time.com/time/europe/magazine/article/0,13005,901020617-260664,00.html

BY PAUL QUINN-JUDGE/MOSCOW
Jun. 17, 2002/Vol. 159 No. 24

Three flights up a scruffy building in central Moscow, a small paper
sign pasted on the wall directs visitors to Directorate R of the
Moscow police. R stands for nothing: it was just the next code letter
available in 1986 when the police decided to set up their own
communications-security branch. These days the Directorate's
bread-and-butter work is computer and mobile-phone fraud. But their
biggest nightmare - and that of their counterparts in Western Europe
and the U.S. - is digital attack. "This, unfortunately, is the future
face of terrorism," says Dmitri Chepchugov, head of Directorate R.

So far, politically motivated computer attacks have been irritations
or embarrassments rather than full-blown catastrophes. Chinese hackers
attacked some 1,200 sites, including the White House, the Department
of Energy and the Air Force, defacing some sites and putting others
temporarily out of service, during a standoff with Washington over a
spy plane last year. Russians and Eastern Europeans did the same
during the war in Kosovo, and Pakistani and Indian hackers are doing
it right now. Over a period of several years, U.S. investigators
believe hackers - probably from Russia - tunneled into department of
Defense sites and illegally downloaded large quantities of technical
defense research, all unclassified, according to the Pentagon. The
leap from this kind of sporadic hacking to virtual terrorism is only a
matter of time, specialists believe. "After every terrorist attack,
security is tightened up and improved," Chepchugov remarks. "But these
days you don't need to get a truck bomb into, say, a chemical plant or
crash a plane into it. All you need is a group of hackers who get into
the computerized control system, knock it out, and trigger a
disaster."

Michael Vatis - a former head of the FBI's National Infrastructure
Protection Center, the lead U.S. federal agency for computer crime,
cyberterrorism and cyberespionage - agrees. "We have seen a clear
decision by terrorist groups like al-Qaeda to focus on critical
infrastructures, financial networks and power grids," says Vatis, now
director of the Institute for Security Technology Studies at Dartmouth
College. "And they have developed expertise with computer systems for
secure communications and planning attacks. The next step is to put
the two together."

The likely targets would be a country's power or water supply, gas and
oil production or storage facilities, telecommunications or banking
networks and transport or emergency services. Attackers could try to
disrupt these systems during a conventional assault or, even worse,
attempt to trigger a disaster by destroying them outright. Most
government and many commercial organizations insulate the sensitive
parts of their computer systems from the Internet. But it is harder to
protect computerized systems from an inside job. This is what happened
a little over two years ago in Russia, in an incident that briefly
surfaced in the press and was quickly hushed up. In early 2000,
officials say, a disgruntled employee of Gazprom, the oil and natural
gas monopoly, helped a group of hackers seize for several hours the
corporation's computer systems - including those regulating gas flow
through the firm's pipelines. Gazprom subsequently denied press
reports of the break-in. And, officials add, the politically powerful
corporation was furious when the information was made public. "Heads
rolled in the Interior Ministry after the newspaper report came out,"
says another senior official. But, this person adds, "We were very
close to a major natural disaster."

Chepchugov says there are some indications that at least one radical
fundamentalist is showing interest in computers. The imam of Finsbury
Park mosque in north London, Abu Hamza al-Masri (also known as Mustafa
Kemal) "has gathered around himself a group of computer specialists,"
Chepchugov says. "This is indirect proof that Muslim extremists
understand the potential of computer-based terrorism." Meanwhile,
another Russian specialist in computer crime remarks, "I think our
American friends are very interested in the Pakistan Hackerz Club [a
pro-Pakistan hacker group]," which they apparently suspect of having
contacts with radical groups. Al-Qaeda works like any other criminal
group in the world of computers, says Anatoly Platonov of the Interior
Ministry's Directorate K, which also deals with cybercrime. "They have
the money and are looking for the brains." Sooner or later,
specialists believe, they will find them.
 

 
*==============================================================*
"Communications without intelligence is noise; Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoattrition.org with 'unsubscribe isn'
in the BODY of the mail.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]