Suche innerhalb des Archivs / Search the Archive All words Any words

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[] Cyberterror and professional paranoiacs,

Eine lesenswerte Hype-Frühwarnung. 
Diesmal scheinen die (deutschen?) Medien aber etwas zurückhaltender bei
diesem Thema zu sein. Die FoG:IS wird jedenfalls derzeit eher zu Themen
wie High-Tech-Waffen, Kriegsberichterstattung und allgemeine
Militärstrategie gefragt. Im Afghanistan-Krieg wollten noch alle etwas
zu Cyberterror hören...

Cyberterror and professional paranoiacs

By Declan McCullagh 
March 21, 2003, 4:00 AM PT 

WASHINGTON--The U.S. war on Iraq has begun. 

Now wait for the hype about "cyberwar" and "cyberterrorism" to follow. 

The first onslaught came this week when Homeland Security Secretary Tom
Ridge said he was ratcheting up to an Orange Alert to coincide with the
U.S. invasion.
Ridge said his department would "monitor the Internet for signs of a
potential terrorist attack, cyberterrorism, hacking, and state-sponsored
information warfare." 

Then, during an appearance on Thursday to ask a House panel for a fatter
2004 budget, Ridge claimed that cyberterrorists were just as dangerous
as physical ones. 

"We will not distinguish between physical and cyber in this new unit,"
Ridge said. "We will pay as much attention to the Internet as we do

What is this guy thinking? 

Last I checked, it was physical terrorists who bombed the Marine
barracks in Lebanon, who attacked the U.S.S. Cole, who took out the
Oklahoma City federal
building, and who suicide-bombed the World Trade Center and the

Wily-fingered hackers had nothing to do with it. 

Until recently, Ridge has seemed basically levelheaded about the real
dangers of cyberterrorism. Someone who's close to Ridge told me that the
secretary simply
doesn't care that much about the topic, which would explain his silence. 

But now that agency budgets are up for review, Ridge seems to be
treading the same alarmist path as did his former cybersecurity deputy,
Richard Clarke, who quit
in January. 

Clarke was a professional paranoiac, a modern-day Chicken Little
blinkered by a career spent in the cloistered intelligence community. It
didn't help that Clarke's résumé featured such harrowing tasks as
planning for the "continuity of government" after a nuclear strike on
Washington--a job where no precaution is too extreme. Soon after
President Clinton appointed him to a "national coordinator" post in
1998, Clarke became infamous for darkling warnings about the specter of
a "digital Pearl Harbor" that would snarl computers and roil the world's

To understand this bureaucratic mindset, consider that--while at the
U.S. State Department in the mid-1980s--Clarke concocted a zany plan to
incite a coup against Moammar Gadhafi to punish the Libyan strongman for
embracing terrorism. Clarke's suggestion: SR-71 spy planes would buzz
Libya, creating sonic booms that would appear to herald an invasion,
thus unnerving Gadhafi. 

Meanwhile, the U.S. Navy would fake hostilities off the coast and the
State Department would encourage "speculation about likely Gadhafi
successors," according to a memo coauthored by Clarke. After news of the
plan leaked, an embarrassed Reagan White House unceremoniously ditched
it. The New York Times' William Safire dubbed the scheme "stupid and

Clarke's penchant for the dramatic, which I witnessed firsthand when I
spent an hour interviewing him in December 2001, extended to a farewell
statement he circulated in January. It warned of the dangers of the SQL
Slammer worm, which infected servers running Microsoft software. 

In that statement, Clarke claimed that Slammer "disabled some root
servers, the heart of Internet traffic." Not true. A report from the
RIPE Network Coordination Center--one of the Internet's four regional
registries--said that at most the worm slowed connectivity to two of the
13 root servers and did not disable any of them. "This did not cause any
degradation in (domain name system) service," RIPE concluded. 

Clarke also claimed that "a national election/referendum in Canada was
canceled" due to computer mischief. At best, that was a reckless
exaggeration. What
actually happened is that Canada's New Democratic Party held a
leadership convention and found their Internet voting to be sluggish.
CBC reported that voting was completed just 45 minutes behind schedule. 

It's not just Clarke and Ridge. Exaggeration is easy when you're a
bureaucrat hoping to make yourself seem more important and thereby
fatten your paycheck at your next job, or when your funding is up for
review, or when you want to lobby for new and probably unwise laws that
would endanger privacy or impose additional costs on technology firms
(one of Clarke's pet ideas). 

It's important to remember that, as CNET reported in detail
last year, it's always easier to bomb a target than hack a computer.
Although it is possible for electronic intrusions to damage
infrastructure and threaten physical danger, taking control of those
systems from the outside is extremely difficult, requires a great deal
of specialized knowledge and must overcome noncomputerized fail-safe

Put another way, I've never heard of one death that could be attributed
to "cyberterrorism." Not being able to check your e-mail for a day is an
annoyance, not terrorism, as Counterpane's Bruce Schneier said last

On Thursday evening, President Bush said he would nominate Frank Libutti
to be Ridge's undersecretary for "Information Analysis and
Infrastructure Protection,"
a position that will have key Internet responsibilities. Libutti
currently is deputy commissioner for counterterrorism at the New York
City Police Department, and is also a retired lieutenant general in the
U.S. Marine Corps. 

The Internet community should work with Libutti to put the threat of
cyberterrorism in perspective. We don't need any more government
officials clamoring for intrusive new laws and claiming, against all
common sense, that a "digital Pearl Harbor" is just around the corner.

Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.