ad info
   personal technology

 Headline News brief
 news quiz
 daily almanac

 video archive
 multimedia showcase
 more services

Subscribe to one of our news e-mail lists.
Enter your address:
Get a free e-mail account

 message boards

CNN Websites
 En Español
 Em Português


Networks image
 more networks

 ad info



Senate report: Nation at risk of Y2K-related terrorism

View excerpts of the report by category

View the entire report

  • Y2K readiness in 10 destinations worldwide
    Senate Special Committee on the Year 2000 Technology Problem
    CNN's Charles Bierbauer summarizes the report.
    Real 28K 80K
    Windows Media 28K 80K
    Senate Y2K report: progress and warnings

    Senate Y2K report predicts U.S. travel delays, serious overseas troubles

    Russian officers to visit U.S. nuclear command center for Y2K joint program

    Senate report questions health care industry's Y2K readiness


    September 22, 1999
    Web posted at: 12:17 p.m. EDT (1617 GMT)

    In this story:

    Potential risk hard to assess

    Nation unprepared for cyberterrorism


    By Robin Lloyd
    CNN Interactive Senior Writer

    (CNN) -- The very effort to fix Y2K problems has left the nation's businesses and federal government wide open to a broad spectrum of international attacks on its computer systems, according to a Senate report released Wednesday.

    The government and the private sector hired contractors -- many of them from outside the United States -- to address the "millennium bug" without regard for domestic and financial security.

    That has left U.S. computer networks vulnerable to maneuvers that could harm the nation's economy and its leading companies.

    In fact, some security firms told a Senate Committee of finding hidden "trap doors" left behind by contractors and there is no way to know if they were left for benign or malicious reasons.

    One major technology firm that used a Pakistani consultant found such a trap door, according to the report.

    "Committee interviews have found time and again that security has taken a back seat to deadlines," according to the report by the Senate Special Committee on the Year 2000 Technology Problem.

    Potential attacks could come from foreign intelligence services, rogue nations, organized crime, corporate spies, terrorists, disgruntled employees or casual thrill-seekers.

    Attackers could use their knowledge of our nation's crucial computer systems for to get information, to pollute data or simply to destroy vital software, databases and systems.

    The Gartner Group, an information and technology research company, has predicted a $1 billion Y2K "heist," in which people could steal money and ideas electronically, the report said.

    Yet the government and law enforcement are unprepared for such threats, the report said.

    "How do you defend against a threat that is not necessarily military? What happens when you can't determine whom the adversary is? Who responds: law enforcement or defense?" the report asks.

    Potential risk hard to assess

    U.S. companies have spent billions to fix problems that could arise when dates in computers roll over for the next century to a two-digit "00," possibly confusing the year 1900 with the year 2000.

    The trouble is that repair efforts gave contractors a road map for how to run, or derail, our nation's computers.

    Sandia National Laboratories warned the Committee that malicious hackers, believing that the nation was preoccupied with Y2K, might take advantage of the moment to attack infrastructure or use Y2K failures as a cover for theft, arson and bombings.

    "The U.S. might find itself more vulnerable to information warfare attacks -- not just on January 1, 2000, but also for some time in the future," according to the report.

    Adversaries could exploit computer technology to disrupt the national infrastructure, such as utilities, telecommunications, transportation and finance -- all of which are controlled by computers.

    The National Counterintelligence Center told the Committee that governments of at least 23 countries are targeting U.S firms to exploit their computer systems remotely.

    Nation unprepared for cyberterrorism

    The U.S. has no comprehensive plan for how to respond to information security risks, the report states.

    The President recently signed a directive requiring an assessment and repair of vulnerable computer systems, but that policy has problems. It sets up no process to identify priorities, it fails to focus on the potential for international threats and it offers no assignment of which agencies would defend against information warfare attacks.

    Already, the Department of Defense is suffering from what is called the "Moonlight Maze" attack, in which adversaries -- believed to be Russian -- are trying to mine sensitive information from the United States.

    The Department of Defense and National Infrastructure Protection Center are on the job but so far the adversaries are ahead, the report states.

    A former KGB unit specializing in electronic eavesdropping "was certain to be exploiting the Internet for spying on America," one former Soviet counterintelligence leader told the Senate Committee.

    Now that Russia is economically strapped, it's cheaper to steal our research results electronically than to generate them within Russia, said Oleg Kalugin, the former chief of the Soviet Federal Agency for Government Communications and Information, part of the KGB.

    The solution, according to the report, is a cooperative effort that breaks down barriers between law enforcement, defense and intelligence responses.

    Experts must determine what the bare minimum for cyber-security is to protect the nation.

    "If we are to move into me next century maintaining U.S. sanctuary, then we must realize that national security is a shared responsibility," the report states.

    Looking at the Y2K Bug

    Senate report: U.S. makes 'remarkable progress' against Y2K problems
    September 22, 1999
    Washington Council of Governments holds Y2K readiness exercise
    September 7, 1999
    DOD: Face Y2K on your own
    August 25, 1999
    Survey: 75 percent of U.S. companies have already had Y2K failures
    August 12, 1999

    Sandia National Laboratories
    National Counterintelligence Center
    Note: Pages will open in a new browser window
    External sites are not endorsed by CNN Interactive.

    Enter keyword(s)   go    help

    Back to the top   © 2001 Cable News Network. All Rights Reserved.
    Terms under which this service is provided to you.
    Read our privacy guidelines.