Welcome Guest. | Log In| Register | Membership Benefits
  • Email this page E-mail this page
  • |  Print Print this page
  • |   Bookmark and Share
  • icon

Rising Threat


As war looms, the risk of cyberattacks from hackers and terrorists grows. Are you ready?

By George V. Hulme
InformationWeek
March 10, 2003 12:00 AM (From the March 10, 2003 issue)

Just two days after the Department of Homeland Security officially opened its doors, government-and business-security managers scored a victory of sorts with a successful public-private effort to combat a potential threat to more than 1.5 million E-mail systems around the world. The work served as a dress rehearsal for the kind of cyberattacks the government expects will increase as geopolitical tensions rise and a war with Iraq looms.

More Software Insights

White Papers

Webcasts

Reports

Videos


The startup is using the software as a service model to create a customizable BI platform for small to medium sized businesses. Microsoft GM of Virtualization, Mike Neil, on the State of Virtualization, Hyper V and Windows 2008 Oracle SVP of Application Development, Jesper Andersen, on Key Trends in Software and Application Integration
The startup is using the software as a service model to create a customizable BI platform for small to medium sized businesses.
When the Sendmail vulnerability and the patches for it were simultaneously made public last week, key commercial organizations such as banks and utilities, as well as government agencies, were prepared to deal with the problem, having been alerted to it in late February by officials at the government's Critical Information Sharing and Analysis Centers. Issuing the patches was the culmination of work that began in December, when security software vendor Internet Security Systems Inc. warned the National Infrastructure Protection Center, now a part of Homeland Security, of the vulnerability in the Sendmail Mail Transfer Agent, which handles half to three-quarters of all Internet E-mail traffic. If exploited, the vulnerability could disrupt E-mail systems, emergency services, telecom networks, and other online systems worldwide, ISS warned.

The new department quietly worked with businesses and government agencies to secure highly vulnerable communication systems, according to sources, including people at computer-security education group SANS Institute and ISS. Homeland Security, working with ISS, contacted software developer Sendmail Inc. and Sendmail distributors such as Hewlett-Packard, IBM, Silicon Graphics, Sun Microsystems, and the Sendmail Consortium, which immediately began developing patches.

To secure open-source Linux and Berkeley Software Design, or BSD, versions of Sendmail, the CERT Coordination Center, a group that provides security information and monitoring, asked vendors such as OpenBSD, Red Hat, and SuSE to assist in correcting the source code. Homeland Security notified the Defense Department--the first group to receive the patches on Feb. 25--and the Federal CIO Council about the flaw. The Federal Computer Incident Response Center and the Office of Management and Budget also joined in the effort.

"The cooperation on this effort was the best I've ever seen," says Alan Paller, director of research at the SANS Institute. "When has there ever been an example of the White House, OMB, federal and civilian CIOs, DoD, and nearly 20 software vendors, all working together under the Department of Homeland Security's encouraging leadership?"

The government is prepping for cyberwar in other areas. The new House Homeland Security Committee last week created five subcommittees to focus on security, one of which will oversee federal cybersecurity, science, and research and development efforts for homeland security. The move follows the approval of the Cybersecurity Research and Development Act, which pro-vides $900 million over five years for universities to create IT security centers and research ways to protect computer systems.

The joint public-private effort that the Homeland Security Department led may become standard operating procedure as war gets closer. The National Infrastructure Protection Center and officials in the United Kingdom have warned that cyberattacks against Western interests will likely increase as global tensions rise.

RICHARD CLARKE PHOTO

Government and business should prepare for more serious cyberattacks, Clarke says.
Richard Clarke, the former special adviser to the president for cyberspace security, in his first speech since leaving that post last month, told attendees at the InformationWeek Spring Conference last week that terrorists may use the Internet to attack America's infrastructure. Captured computers and documents make clear that al-Qaida operatives used the Internet to do "virtual reconnaissance" on U.S. infrastructure, not only on companies but on dams and power plants and the software that runs them, he said. They also were downloading hacker tools from Web sites, Clarke said.

Some recent activity, such as denial-of-service attacks against the Internet's domain-name servers and the Slammer worm, seem to be evidence of "some funny things happening in cyberspace" that stopped short of causing serious harm, Clarke said. "It looked to me like people were seeing what you could do to be really destructive but not being really destructive, yet."


Page 2:  Rising Threat
1 | 2 Next Page »


Subscribe to RSS


Advertisement

CAREER CENTER
Ready to take that job and shove it?



TechCareers

SEARCH
Function:

Keyword(s):

State:
SPONSOR
RECENT JOB POSTINGS
CAREER NEWS
10 Search Engines You Don't Know About
Go beyond Google and get vertical. These specialized search sites will help you find the business information you need -- fast.

Yahoo Profits Fall 23%, Cuts 1,000 Jobs
Ari Balogh was named to the post of chief technology officer as the companys for a "realignment" of employees.

More articles from our career center





Subscription Info
Apply for a free 52-week subscription to InformationWeek (a $199 value)

Last Name:

First Name:

Title:

Company Name:

City:

Business Address:

Zip:

State:

Email Address:

NOTE: Offer valid for U.S., U.S. possessions, & Canada only

            

Join economist Chris Cornell and 3 CIOs in an Exclusive Online Exchange for Senior IT Executives: Using IT to Drive Value in a Turbulent Economy. November 5th only.