News
News
3/9/2003
09:44 AM
50%
50%

Rising Threat

As war looms, the risk of cyberattacks from hackers and terrorists grows. Are you ready?

Just two days after the Department of Homeland Security officially opened its doors, government-and business-security managers scored a victory of sorts with a successful public-private effort to combat a potential threat to more than 1.5 million E-mail systems around the world. The work served as a dress rehearsal for the kind of cyberattacks the government expects will increase as geopolitical tensions rise and a war with Iraq looms.

When the Sendmail vulnerability and the patches for it were simultaneously made public last week, key commercial organizations such as banks and utilities, as well as government agencies, were prepared to deal with the problem, having been alerted to it in late February by officials at the government's Critical Information Sharing and Analysis Centers. Issuing the patches was the culmination of work that began in December, when security software vendor Internet Security Systems Inc. warned the National Infrastructure Protection Center, now a part of Homeland Security, of the vulnerability in the Sendmail Mail Transfer Agent, which handles half to three-quarters of all Internet E-mail traffic. If exploited, the vulnerability could disrupt E-mail systems, emergency services, telecom networks, and other online systems worldwide, ISS warned.

The new department quietly worked with businesses and government agencies to secure highly vulnerable communication systems, according to sources, including people at computer-security education group SANS Institute and ISS. Homeland Security, working with ISS, contacted software developer Sendmail Inc. and Sendmail distributors such as Hewlett-Packard, IBM, Silicon Graphics, Sun Microsystems, and the Sendmail Consortium, which immediately began developing patches.

To secure open-source Linux and Berkeley Software Design, or BSD, versions of Sendmail, the CERT Coordination Center, a group that provides security information and monitoring, asked vendors such as OpenBSD, Red Hat, and SuSE to assist in correcting the source code. Homeland Security notified the Defense Department--the first group to receive the patches on Feb. 25--and the Federal CIO Council about the flaw. The Federal Computer Incident Response Center and the Office of Management and Budget also joined in the effort.

"The cooperation on this effort was the best I've ever seen," says Alan Paller, director of research at the SANS Institute. "When has there ever been an example of the White House, OMB, federal and civilian CIOs, DoD, and nearly 20 software vendors, all working together under the Department of Homeland Security's encouraging leadership?"

The government is prepping for cyberwar in other areas. The new House Homeland Security Committee last week created five subcommittees to focus on security, one of which will oversee federal cybersecurity, science, and research and development efforts for homeland security. The move follows the approval of the Cybersecurity Research and Development Act, which pro-vides $900 million over five years for universities to create IT security centers and research ways to protect computer systems.

The joint public-private effort that the Homeland Security Department led may become standard operating procedure as war gets closer. The National Infrastructure Protection Center and officials in the United Kingdom have warned that cyberattacks against Western interests will likely increase as global tensions rise.

RICHARD CLARKE PHOTO

Government and business should prepare for more serious cyberattacks, Clarke says.
Richard Clarke, the former special adviser to the president for cyberspace security, in his first speech since leaving that post last month, told attendees at the InformationWeek Spring Conference last week that terrorists may use the Internet to attack America's infrastructure. Captured computers and documents make clear that al-Qaida operatives used the Internet to do "virtual reconnaissance" on U.S. infrastructure, not only on companies but on dams and power plants and the software that runs them, he said. They also were downloading hacker tools from Web sites, Clarke said.

Some recent activity, such as denial-of-service attacks against the Internet's domain-name servers and the Slammer worm, seem to be evidence of "some funny things happening in cyberspace" that stopped short of causing serious harm, Clarke said. "It looked to me like people were seeing what you could do to be really destructive but not being really destructive, yet."

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.