Security News > 2001 > December > Cyber terrorism is 'fantasy'//ERRI Reply
Forwarded from: C. L. Staten Cc: junkmail () barnowl com Mr. Rosenberger: While I agree that sometimes computer journalists have overblown the threat of cyberterrorism, I must also offer a simple observation that attacks on/corruption of the world's main DNS servers, telco switches, or other means could prove to be particularly troubling. Secondarily, as far as viruses are concerned, I can tell you that I have received message traffic to indicate many .gov and .mil mail servers are currently suffering at the hands of BadTrans.b, which most will agree is not really a terribly damaging or prolific virus. One only need consider the creation of a new virus that is multi-platform, polymorphic, has several of the features of recent viruses, and add a couple of new wrinkles to make it a real "nightmare." The last thing our government and industry needs in the midst of a physical terror attack is overloaded servers and outages on the internet...where much information is shared to help resolve problems created by any catastrophe. Our concern revolves around DDoS, virus, and other exploits being concurrently used to amplify the effects of a terrorist attack in the real world. "Destroying America with a computer virus," as you say, may not be feasible in the traditional sense...but professionals from a hostile nation-state, with truly evil intent, could cause us more problems than the IT community is currently prepared/equipped to handle. While I certainly defend your right to publish your opinion that "Cyber terrorism is fantasy," It would be my fear that you are not being creative enough in your analysis of the future. IMHO, troubles lie ahead in cyberspace... Most Respectfully, C. L. Staten Emergency Response & Research Institute 6348 N. Milwaukee Ave. #312 Chicago, IL 60646, USA 773-631-3774 - Voice/Messages 773-631-4703 - Facsimile webmaster () emergency com - E-Mail http://www.emergency.com - Main Webpage -----Original Message----- From: owner-isn () attrition org [mailto:owner-isn () attrition org] On Behalf Of InfoSec News Sent: Friday, November 30, 2001 6:15 AM To: isn () attrition org Subject: RE: [ISN] Cyber terrorism is 'fantasy' Forwarded from: Junkmail Rosenberger I reject Knowles' argument out-of-hand. He misses the point when he asserts "[who] would have thought that someone would have hijacked commercial jetliners and used them as cruise missiles." The simple fact is that terrorists *always* had the ability to turn planes into cruise missiles; their effectiveness as flying bombs merely grew in proportion to their fuel payload. On the other hand, Cluley & I & others insist no one [yet] has the ability to destroy America with a computer virus (read http://Vmyths.com/rant.cfm?id=410&page=4 for starters). We can therefore sum up Knowles' misguided argument as follows: --> "commercial aircraft as bomb" is VERY feasible but NOT likely; --> "computer virus as bomb" is NOT feasible but VERY likely. Knowles & others (e.g. Michael Vatis, Richard Clarke) could validate their cyber-terrorism arguments with just one -- I repeat, ONE -- technologically feasible idea for destroying America with a computer virus. Rob Rosenberger, Vmyths editor Truth about computer virus hysteria http://Vmyths.com [WK Note: One problem I have is occasionally I don't make myself clear in my commentary on ISN, this can be attributed to lack of sleep, lack of RedBull in the fridge, and the thought of business travel. There are others, but I'd have to sleep on that.