Security News > 2000 > July > Heading off Cyber-geddon

Heading off Cyber-geddon
2000-07-26 04:28

http://triblive.com/business/bcyb0725.html July 25, 2000 By: Paul Beebe TRIBUNE-REVIEW A hacker breaks into the computers at the Worcester, Mass., airport control tower. Someone shuts down Miami's 911 emergency phone system. A computer virus spreads across the globe, causing $4 billion in damage - in one day. Sound far-fetched? Each incident actually happened. Bad as they were, these horror stories one day may pale in comparison to the next bout of mischief awaiting the Internet. Unless protective steps are taken, what's ahead may be an electronic Pearl Harbor, a digital Exxon Valdez so devastating that entire nations are brought to their knees, say participants gathered Monday at Carnegie Mellon University for the first-ever summit on cyber-security. "We are in a new age," said David McCurdy, president of the Electronic Industries Association. "We know the benefits of (the Internet). Now it's critical that this technology not only be robust, but survivable." Three years ago, a band of hackers, working for the U.S. intelligence community, set about to discover what damage they could do to the economic and military infrastructure of the United States. Their success was astounding, said Sen. Rick Santorum, the keynote speaker at the two-day security summit, which ends today. Hackers figured out how to shut down the power grid and telephone systems in 12 American cities, including Washington. They also invaded the U.S. military's command and control system, raising the possibility that in an actual attack, the country's defenses could be breached. "On a scale of one to 10, it's a 10," Santorum said of his level of concern about the lack of U.S. readiness to fight cyber-terrorism. Santorum's message: Enemies of the United States have figured out that terrorism is far more effective than conventional warfare. At least 20 countries are known to be developing tools to attack the country's unprotected computer-based infrastructure. During his remarks, Santorum announced $5 million in funding for a "cyber-security institute" aimed at promoting the exchange between industry and government of information and technology to battle cyber-terrorism. The House of Representatives has approved start-up funds for the Institute for Defense Computer Security and Information Protection. The Senate has yet to act. The institute will act as a neutral third party to tackle the reticence of private industry to share with government what it knows about the extent of cyber-terrorism and what can be done to prevent it. Paul Toscano, a lawyer and chief executive officer of Salt Lake City-based UserTrust Inc., said concerns about safeguarding the integrity of the Internet are well-founded. But the concerns mask the fact that legal tools already exist to solve most of the issues affecting companies that want to do business in cyberspace. Toscano said not-for-profit organizations could be established to set up rules governing the transmission, use and storage of sensitive information. The organizations also could be given authority to enforce its rules. "It could be a legal structure that mediates between the user's need for privacy and a company's need to make money," Toscano said. The summit brought together representatives of the Central Intelligence Agency, the Energy and Defense departments, the National Security Agency, the Air Force and Navy, the National Institute of Standards and Technology, and other groups. Their goal is to reach a consensus on how cyber-security research should proceed during the next two decades. If they succeed, wireless communication, the World Wide Web and the Internet, which was not designed for security, would become a safe place to do business, store information, even swap sensitive military secrets. Speaker after speaker trooped to a podium at CMU's McConomy Auditorium to repeat the message that computer and wireless-based communication has become a critical component in the world economy. Already, 100 million machines are connected to the Internet. That number is expected to grow to 2.5 billion in six years. "For those of you who don't believe there is an Internet in your future, resistance is futile," quipped Thomas Longstaff, a CMU research scientist. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".


News URL

http://triblive.com/business/bcyb0725.html