Skip to main content
ad info technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  




Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent



More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections


4:30pm ET, 4/16










CNN Websites
Networks image

Studies: U.S. security threatened by Internet


(IDG) -- During the next 15 years, the U.S. will face a new breed of Internet-enabled terrorists, criminals and nation/state adversaries that will launch attacks not with planes and tanks, but with computer viruses and logic bombs, according to two reports released last month.

Although the 68-page report by the CIA's National Intelligence Council (NIC) mentioned critical electronic infrastructure protection and information warfare only briefly, it warned Americans that adversaries around the world are hard at work developing tools to bring down the U.S.'s private sector infrastructure.

Many countries already have programs to develop such technologies and "could develop such capabilities over the next decade and beyond," according to the NIC study.


A report by the Washington-based Center for Strategic and International Studies (CSIS) went even further, warning of a future cyberarms race and the rise of terrorist groups supported by "computer-literate youngsters" bent on disrupting the Internet.

"The U.S., Russia, China, France and Israel are developing cyberarsenals and the means to wage all-out cyberwarfare," the CSIS study said.

China is of particular concern, said experts, because it's devising strategies for unrestricted electronic warfare. Officials said critical infrastructures in the U.S. could be targeted in the future as revenge for incidents like the 1999 accidental bombing of the Chinese embassy in Serbia. INFOCENTER
Related Stories
Visit an IDG site search

"They suggest having every person in China send one e-mail to [an address] of interest in the U.S. or use hacker tools easily available on the Internet to support a mass [denial-of-service] attack," said John Shissler, a former military intelligence officer.

Online extortion and falsification of shipping manifests by criminals, and attempts by countries to use hacking techniques to evade trade sanctions are a rising concern, said Jeffrey Hunker, senior director for critical infrastructure protection at the White House.

Hunker said officials are also becoming increasingly concerned with the proliferation of "always-on" Internet appliances, such as modems and network printers. Hackers are finding ways to penetrate these devices and possibly use them as launching pads for more devastating distributed denial-of-service attacks, he said.

Last year, a hacker cracked into a printer at the Navy's Space and Naval Warfare Center and rerouted a potentially sensitive document to a server in Russia.

Stephen Northcut, director of the Global Incident Analysis Center at the SANS Institute in Bethesda, Md., said that in one day recently, his cable modem-equipped laptop received 54 probes, two of which penetrated his personal firewall. "Our systems come to us hackable," said Northcut. "It's a feature."

Winn Schwartau, founder of security consultancy Interpact Inc. in Seminole, Fla., said the real threat comes from the design of the U.S. infrastructure and the people who run it.

"We built these systems and our business models on the assumption that things will always work," said Schwartau. If a major attack is made on the infrastructure, "it's going to happen from the inside," he said.

Tim Atkin, a member of the National Partnership for Critical Infrastructure Security and director of critical infrastructure protection at consulting firm SRA International Inc. in Fairfax, Va., said the reports hold a "powerful message" for the national cybersecurity effort. He added, however, that future preparedness will be determined by how much emphasis companies and the government place on fixing known vulnerabilities, training and education and enforcing good security policies.

Dan Morrison, a partner in the risk consulting group at Arthur Andersen LLP in Ottawa, said although the threat of terrorists groups attacking the infrastructure is real, a word of caution is needed. "It's scary, but it's really hard to bring down the Internet."

Report: Microsoft hack a U.S. security risk
December 29, 2000
Science, security are focus of U.S. Energy Department commission
August 28, 2000
U.S. government agencies shape cyberwarning strategy
August 15, 2000
Are cyberterrorists for real?
July 3, 2000
False sense of cybersecurity a costly problem for U.S.
June 20, 2000

U.S. draws attention to information warfare threat
China strengthens laws against Internet crime
(The Industry Standard)
Cyberattacks against Pentagon on the rise
U.S. could face 'Pearl Harbor' in cyberspace
FTC, FBI sites leave opening for hacker access
Proposed cybercrime laws stir debate at conference
Microsoft hack could pose national security risk
Europe's cyber crime treaty criticized as vague

National Intelligence Council
Center for Strategic and International Studies
SANS Institute

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.


Back to the top  © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.