Forgot your password?
typodupeerror

CyberTerrorism - Reality or FUD? 358

Posted by CowboyNeal
from the ghost-in-the-machine dept.
Random Utinni writes "The director of the U.S. Cyber Consequences Unit (part of Homeland Security) claims that terrorist hackers are poised to create total chaos. He predicts all sorts of scenarios, from changing the formulae for medications to causing cars to explode after a few weeks of driving. Is this guy fearmongering for an increased budget, or is he on to something here?"
This discussion has been archived. No new comments can be posted.

CyberTerrorism - Reality or FUD?

Comments Filter:
  • by linvir (970218) * on Thursday June 01, 2006 @08:39PM (#15450102)
    It's no good burying your heads in the sand. Cyberterrorism is VERY real [linuxvirus.net]
    • One of the best stories I ever had the joy of reading in Wired magazine was Cyberwar [wired.com](pops) which was posted back in June of 02.

      Looks like some of the formatting is broken, but it is a good read. (IMHO)

      Decently written, and even today somewhat realistic version of what may or may not happen in such a scenario.

    • Ok, either that is some weird coincidence, or you managed to whip that up and get first post too. . .if its the latter, kudos man. That is the most elaborate first post ever, and one of the most thought out as well.
      • "Ok, either that is some weird coincidence, or you managed to whip that up and get first post too"

        He's a subscriber. That theoretically gives him at least 15 minutes to whip up a low-quality, yet hillarious cartoon before posting is allowed.
  • by Anonymous Coward on Thursday June 01, 2006 @08:39PM (#15450106)
    the term is being used to justify basically anything the american government wants to loegalize to suppress its peoples rights. the reason? who knows..
    • by tibike77 (611880) <tibikegamezNO@SPAMyahoo.com> on Thursday June 01, 2006 @08:51PM (#15450195) Journal
      Hint: Shift+4. Keep holding.
    • by kfg (145172) on Thursday June 01, 2006 @08:56PM (#15450222)
      to suppress its peoples rights. the reason? who knows..

      Power, money, Jesus, hot and cold running hookers.

      I think that pretty much covers it.

      One of these things is not like the others. One of these things just doesn't belong. . .

      KFG
    • by ChrisGilliard (913445) <christopher,gilliard&gmail,com> on Thursday June 01, 2006 @08:57PM (#15450229) Homepage
      TERRORISM IS FUD PERIOD

      Try telling that to the families of the 2000+ people that died on 9/11/01.
      • by Retric (704075) on Thursday June 01, 2006 @09:31PM (#15450423)
        Let's see annual death total from TERRORISM 2000 to 2006
        ~2k from 9/11 + 2.5k in Iraq(Which seems silly but we can add them in if you want...) / 6 = ~750 / year.

        So my annual risk from TERRORISM is about 250,000,000 / 750 US deaths / year or so my risk is around 1 in 333,333 per year.

        Let's compare that to:
        "Normal" Homicide which kills over 20,000 people in the US every year. Which means I am 27 times as likely to be killed by someone in the US vs. a foreign TERRORIST.

        Motor Vehicle Crashes: 26,000+ US deaths / year aka 35x as likely to kill me vs. Al Qaeda, yet I still drive.

        Poor Diet and Physical Inactivity: 365,000 US deaths / year aka 467x as likely to kill me which is why I work out and try to keep a healthy diet.

        Yet we are spending how much to fight TERRORISM?
        • Your homicide rate is almost as high as your car accident fatality rate? You've either got the safest drivers in the world or....
        • I like the Bin Laden comment "For one dollar spent by Al-Quaeda, we make the Bush administration spend one million dollar"
          • I like the Bin Laden comment "For one dollar spent by Al-Quaeda, we make the Bush administration spend one million dollar"

            I cannot find anything close to such a quote anywhere. Where you got that from?

            Anyways, the Bush administration would gladly give bin Laden the one dollar just so they can spend the million dollar on "terrorism".

        • by 4D6963 (933028) on Friday June 02, 2006 @06:15AM (#15452382)
          ~2k from 9/11 + 2.5k in Iraq(Which seems silly but we can add them in if you want...) / 6 = ~750 / year.

          No you should exclude the deaths of americans in Iraq, since I presume you've never been to Iraq and never will (and for the people who do, their odds should be calculated differently). If you calculate the odds for an american to die from terrorism, well normally you should use last year's figure but that wouldn't fun because IIRC from 2002 to now no american died from terrorism on the american territory (correct me if i'm wrong) so let's just use almost 5-year old 9/11 so you can have odds different than 0.

          So with 3,000 death (from wikipedia : "At least 2,986 people were killed in total") for about 300,000,000 people (from wikipedia : "As of July 2006, there are an estimated 298,444,215 people in the United States") in 6 years, you have, provided that we consider that another 9/11 might happen within the next 6 years, which is quite unlikely, 1 out of 600,000 odds of dying from terrorism within a one-year period.

          No good reason to be scared, according to me, but if you're one of the persons who think they are likely to win lottery, you should be crapping your pants.

      • So? How many people died in car accidents that day?
        • How much economic damage was caused by those car accidents? And by 9/11? The stock market could have crashed due to the 9/11 attacks (if I remember correctly, they had to close quite a few stock exchanges right after 9/11).

          Also remember that most car accidents are Darwinism at work. A good driver can prevent being involved in car accidents (100% of those caused by him, and most of those caused by other drivers through defensive driving, etc.).
          • by timeOday (582209) on Thursday June 01, 2006 @10:11PM (#15450641)
            How much economic damage was caused by those car accidents?
            I don't know, do you? I'd imagine the destruction of hundreds of thousands of cars, and tens of thousands of productive lives cut short each year is extremely costly. Speaking of which, I heard an insurance commercial today claiming that termites cause more damage to homes than hurricanes, tornadoes, and eartquakes combined. But it's hard to care about gradual things, no matter how significant.
            And by 9/11?
            What did the parent say? Terrorism is FUD. I think he meant this Administration actually promotes fear of terrorism, which is arguably true. But here's something that's inarguably true: terrorists terrorize in order to cause terror. Terror itself is an high degree of fear, uncertainty, and doubt (FUD). The very word "terrorism" places emphacis on emotional trauma to survivors, rather than the direct consequences of violence, because it's the terror, moreso than the destruction itself, that has an impact. That's why crashing planes into buildings is terrorism, whereas selling cigarettes is not.

            I'm not saying we shouldn't combat the terrorists, but I'm saying we should remember than their main weapon against us is fear. Contrast that against, say, the Soviets, whose main weapon against us was hydrogen bombs. I'll take the terrorists any day.

        • CAR ACCIDENTS ARE FUD PERIOD

          they are being used to justify basically anything the american government wants to loegalize to suppress its peoples rights. the reason? who knows..
          • Not really. There is a lot of legislation that was introduced for the purpose of preventing or minimizing harm from car accidents. Very little of that legislation had the sweeping side effects of the PATRIOT act, Homeland security etc etc etc.
      • Try telling that to the families of the 2000+ people that died on 9/11/01.

        Thats not the most interesting number, the number you should be interested in is How many people will give their lives to take back the lost freedom in the future.

        From what i hear, other countries where such fights have already happened or are still ongoing, its a hell of a lot more then 2000 ...
      • Try telling that to the families of the 2000+ people that died on 9/11/01.

        Ahhh! The corpses of the Twin Towers victims. Being waved around loudly on facist poles since Sep-2001.

        I certainly can't think of a more ignoble way to spend the afterlife than being constantly invocated by the living to justify their actions. If a seance ever works, these guys are going to be pissed.
        • Ahhh! The corpses of the Twin Towers victims. Being waved around loudly on facist poles since Sep-2001. I certainly can't think of a more ignoble way to spend the afterlife than being constantly invocated (sic) by the living to justify their actions. If a seance ever works, these guys are going to be pissed.

          To each their own I guess. I'll have you know that my will specifically mentions that my death shall be constantly invoked by the living to justify their actions and that my corpse shall be "waved a
        • by misleb (129952) on Thursday June 01, 2006 @10:31PM (#15450728)
          Ahhh! The corpses of the Twin Towers victims. Being waved around loudly on facist poles since Sep-2001.

          Since when has it become fashionable for Polish political extremists to wear corpses? That seems like a pretty big public health problem.

          -matthew
    • the term is being used to justify basically anything the american government wants to loegalize to suppress its peoples rights. the reason? who knows..

      the term [FUD]is being used to quickly dismiss anything "the american government" has to say without providing supporting arguments. the reason? who knows..

      P.S. On 9/10/01, the gov't claiming that bin Laden was poised to strike within the US by hijacking airplanes and flying them into buildings would have been considered FUD (no?).
    • The odds of being killed in a terrorist attack are probably worse than being killed by lightning. The current Bush Administration is not there for the American people, they are there for the big oil money. Why has America not gone after Saudi Arabia, where 9 of the hijackers were from? Why are our borders still porous?

      The only way to coral "free" people into a "monarchial" society, is to use fear.

  • Oh please... (Score:4, Insightful)

    by Audent (35893) <audent.ilovebiscuits@com> on Thursday June 01, 2006 @08:40PM (#15450109) Homepage
    Is that the best they can come up with?

    Attacks on SCADA systems?

    Who puts their vital power infrastructure controls online anyway?

    I cry FUD, and let slip the dogs of mainstream media.
  • We all know the most efficient way to cause chaos over the internet is to control the traffic lights to all turn green at the same time.
    I can't wait for it to actually happen.
    • I reckon red would be more effective. Can you imagine the frustration? People would start killing each other.
    • by sorak (246725)
      We all know the most efficient way to cause chaos over the internet is to control the traffic lights to all turn green at the same time. I can't wait for it to actually happen.

      Drivers in my home town have found a way around that. They tend to ignore traffic laws entirely.

  • Chicken Littles? (Score:4, Interesting)

    by informatico (978356) on Thursday June 01, 2006 @08:42PM (#15450120) Homepage Journal
    Reminds me of the up coming horrors of Y2K that amounted to a few slot machines not working after midnight.

    Although chicken littles can be right once in a while given the sheer number of warnings tossed about, and then no one listens to them when they should have ;).
    • by geekoid (135745) <dadinportlandNO@SPAMyahoo.com> on Thursday June 01, 2006 @08:46PM (#15450162) Homepage Journal
      Maybe there was no Y2K disaster because people where pooring over code and fixing them before they happened?

      I saw some testing of systems in '95, I can tell you for a fact that they would have failed in some very spectacular ways.

      It's like knowing there is going to be a tidle wave on a specific time. Then building a huge wall to prevent it. Then when the wave comes and the wall prevents people from dying people say "That wasn't so bad, we shouldn't have built the wall"
      • by Audent (35893)
        Well done that man...

        I get sick and tired of the "Y2K was all nonsense" line of argument. I saw plenty of companies that would have been unable to function without their Y2K upgrades.

        Sure, the Hollywood spectacular was never on the cards, but we all knew that right?

        Y2K was real. It was a problem. We solved it. Well done to all concerned.
        • It depends on what people were saying was nonsense. If the media had been running reports about how "Y2K will cause untold manhours in overtime labour!", that would have been a reasonable thing to take seriously. But the media was actually running reports about the shortages of fresh water we'd all be facing, and how there wouldn't be enough shotguns to go around when the zombies came for us. So yes, that was definitely ridiculous. Y2K was a serious problem in the sense that global warming is a serious
      • Any piece of software that would have failed spectacularly due to Y2K had way too much reliance on dates to have been using a two digit year in the first place.

        Y2K had largely no effect because most code would simply display 00 or 1900 rather than 2000. Odd, yes, life-threatening, no, and if it is, why the fuck didn't they think of that when they were programming their software in the first place?
        • The reason for using 2 digit years in the first place was because memory and storage were limited and expensive.

          I'm guessing you haven't been programming for over 30 years.

        • Re:Chicken Littles? (Score:5, Informative)

          by ScentCone (795499) on Thursday June 01, 2006 @09:52PM (#15450542)
          You're confusing the cause of the problem with what would have been the results if it had not been taken care of.

          I worked on Y2K remediations that impacted everything from payroll to fire alarm systems. Another was responsible for scheduling medical supply deliveries to EMT rigs. I know people who worked on phone systems (911 dialing, anyone?), hospital HVAC, food storage systems, and water treatment facilities.

          Why no big problem? Because we all worked our asses off, that's why. Calendar roll-forward trials on paralllel copies of the systems produced everything from total failures of HVAC to people not getting paid and medical shipments dying in the freight schedules. Those things were only avoided because they were fixed. Should the people who originally paid for those systems have not cut the corner, or pressed their original engineers on the issue? Sure. But they didn't. Just like the people that designed much of what's still vulnerable today - only instead of the calendar, it's accidents and malice to fret about.
    • I'm tellin' you, the Y2K computer's got him. We'll face burnin' roads, cars exploding, painkillers transformed into Scud missiles. There's nothing we can do.
    • by billstewart (78916) on Thursday June 01, 2006 @09:38PM (#15450467) Journal
      You've got the wrong childrens' story here. The Bush Administration has been crying "Wolf Wolf" since they started running for office, and their military-FBI-spook allies in Washington have been crying it for years before that. Their most important political strategy has been to keep announcing things that Americans should be afraid of and announcing that they're strong decisive leaders who can protect us from the enemies that are trying to kill your children and hate your freedom. (Their other main strategy has been to preemptively smear their potential opponents, usually by saying that they're not strong enough or decisive enough to protect our families from our enemies as well as saying they don't share our values - "Kerry the Flip-flopper" trumps "Kerry the War Hero" any day, much more effectively than "Kerry the Liberal".) It doesn't matter that the wolf didn't show up this time, or that the "credible evidence" or "terrorist chatter" didn't turn into an attack, because We Scared The Wolf Away Again, But There Are Still More Wolves To Be Afraid Of.

      Cindy Sheehan was really effective against Bush for a while because she's a strong family-protection figure who made it clear that Bush had endangered her family rather than protecting it. And Katrina was even more effective, because it demonstrated that Bush wasn't decisive, or strong, or competent, when faced with an actual threat that he couldn't control but could have responded to. Osama bin Laden was just fine - if you're crying Wolf Wolf and a real Wolf shows up on occasion, that demonstrates that your strong leadership is needed just like you said.

    • Well, they are right once in a while, so if we amortize that rate, we can say that chicken littles predict minor disasters quite frequently. Minor disasters are usually the responsibility of the local firedepartment. Issue resolved. Next!
  • by AtariDatacenter (31657) on Thursday June 01, 2006 @08:42PM (#15450125)
    I mean, really, this all sounds more like industrial sabotage than terror. I mean, are you really going to have people running in fear for their lives that... say... the next time they fill up their car, the gas pump might explode? Or that any pill that they take next could be their last?

    Most acts that they're looking at would be one time things, and isolated/restricted in nature. (Also making it easy to identify/avoid/fix.) I can't see that something like this would actually cause terror.

    Again, CyberSabotage. Nothing more.
    • If anyone's the terrorist, it's the guy in the summary making all these doomsday predictions.
    • then tylenol scare?

      Yeah, if people started dying because medical drug formulas were screwed up, it would cause terror, and for a longer time then a bomb could.
      • The difference is that was product tampering, which didn't happen at the centralized production point, but out on the shelves. That is where the tampering with Tylenol was going on. When you've got tampering at the factory level, the initial impact may be worse, but the clean-up is much easier. Because you can track lot numbers and shipments.

        Centralized tampering is easier to mitigant than decentralized tampering.

        And then once Tylenol has a scare... someone would have to find a way to pull the same feat at
      • And not that much stronger too..

        If the terrorist Mohamed Al-blowyouup hacks into the tylenol factory computer and sets the process to add twice as much of the active ingreedient, the workers will begin to notice that they are running out of the stuff faster than before, using more than they should, Al-blowyouup could instead put less in - bad consequences tylenol stops working so well (and workers think hmm tank is still full?).
        Al-blowyouup has no choice to add somthing like rat-poison to the mix, at least
  • It's FUD (Score:5, Insightful)

    by wirelessbuzzers (552513) on Thursday June 01, 2006 @08:43PM (#15450130)
    It would take an expert insider a lot of work to cause the kind of catastrophes the author is predicting here. Making a bomb is quick, easy way to kill a lot of people, and it gets a lot more media attention. It's also much closer to Al-Quaeda's traditional area of expertise.
    • Making a bomb is quick, easy way to kill a lot of people, and it gets a lot more media attention. It's also much closer to Al-Quaeda's traditional area of expertise.

      Making a bomb would have also been a lot easier than hijacking and flying (took a lot of time to learn how to pilot a plane) them into various buildings. Your point being?
  • My question... (Score:5, Insightful)

    by laughingcoyote (762272) * <{moc.eticxe} {ta} {lwohtsehgrab}> on Thursday June 01, 2006 @08:43PM (#15450134) Journal

    From TFA:

    "Chatter on Scada attacks is increasing," says Borg, referring to patterns of behaviour that suggest that criminal gangs and militant groups are now fully capable of unleashing such attacks.

    Then especially in the case of terrorists, WHY THE HELL HAVEN'T THEY DONE IT YET? If one of them had a shot at bombing the White House tomorrow, do you think he'd say "Eh...no, I'd rather wait until next week and hope they don't improve security by then."

    This is not fearmongering for money. This is fearmongering for POWER-and the power they're going to shoot for is the power to control the Internet.

    What a hell of an ironic name for that guy, Borg. I think that might tell us about everything we need to know.

    • Yeah, seriously. You'd think refineries would be blowing up left and right.

      Oh. Wait.
    • This is fearmongering for POWER-and the power they're going to shoot for is the power to control the Internet.

      Aren't the people claiming that this is fear-mongering for nefarious purposes also fear-mongering to a certain extent (*head blows up*)?
    • This is not fearmongering for money. This is fearmongering for POWER-and the power they're going to shoot for is the power to control the Internet.
      I just had a thought: why is it that comments such as this never come up whenever someone mentions global warming, especially since most (all?) of the solutions offered involve considerably extending the governments influence and control over the economy and private individuals ("This is fear-mongering for POWER-and the power they're going to shoot for is the p
  • by beavis88 (25983) on Thursday June 01, 2006 @08:44PM (#15450139)
    Period.
    • Yeah, and then when nothing happens they can say "look at our good work! we stopped the attack!"
    • He's definitely fearmongering for more budget - but it's a lot more than that, because all of these things reinforce each other. When the public is afraid and angry because the government got caught with a policy of widespread unwarranted wiretapping, fearmongering helps divert the anger, and Angermongering (against child pornographers and other scum) helps get them more budget as well. More budget for "anti-cyberterrorism" really means more budget for tools and regulations that let them eavesdrop on more
    • by Slur (61510) on Thursday June 01, 2006 @11:28PM (#15451008) Homepage Journal
      If only this kind of fear-mongering worked for things that matter on a broader, deeper scale...

      I'm thinking particularly of the incessant decay of the US quality of life due to the usurpation of our systems of agriculture, education, health, and welfare by private interests. The failure to properly develop these systems is leading inexorably to the collapse of the USA. No one is afraid because the frog in the slow boiling pot never knows its predicament till it's too late.

      People should also be trembling at the insane schemes being used to divert of the people's wealth through the "war-funnel" directly into the pockets of a few industrialists, primarily to fund the further usurpation of the people's government by corporatists.

      For some reason, even after the horrors of Nazism, our current brand of Fascism doesn't seem to scare people, even as it undermines and threatens our lives in a thousand subtle ways. The air we breathe, the water we drink, the food we eat, and the society we live in are becoming increasingly dangerous to our own health. Yet no one stirs as their neighbors are snatched up from empty factory floors and sent to foreign lands to be maimed and killed to enrich Halliburton. No one even blinks as petroleum and agriculture collude to foster diseases that keep the pharmaceutical stocks ballooning.

      east timor, petroleum, nafta, fertilizers, pharmaceuticals, 9-11, coyness, illegal surveillance, gmo seeds, data mining, mad cow disease, mandatory testing, guantanamo bay, rampant privatization, obtuseness, selling off the commons, executive war crimes, strip mining, the war on terra, faux news, cafta, kissinger, allende, iraq, bunker busters, missing billions, media culpa, torture, abu ghraib, reality television....

      The connections are clear and simple. The machine now bleeds the people, everywhere, without conscience.

      Be afraid, be very afraid.
  • Why the hell... (Score:5, Insightful)

    by ZiakII (829432) * on Thursday June 01, 2006 @08:44PM (#15450145)
    "Think of the control systems for chemical plants, railway lines, or manufacturing facilities. Shutting these systems down is a nuisance. Causing them to do the wrong thing at the wrong time is much worse."

    Am I the only one who is thinking? Why the hell are these things connected to the Internet then? And if its an absolute must why not setup the companies using a system like the US Governments's SIPRNet [wikipedia.org]
    • Am I the only one who is thinking? Why the hell are these things connected to the Internet then?

      I'll play devil's advocate here...

      At a company that a relative worked for (in a co-op term), she informed me of a security breach that was going on. A "secure" computer had a modem installed. Since this was a security risk, the modem was removed since secure computers are not supposed to be attached to an "insecure" network.

      Within 24 hours, another modem found it's way into the computer. (Remember - this is

  • by dazzawazza (131000) on Thursday June 01, 2006 @08:44PM (#15450146) Homepage
    I'd like to suggest he is on something rather than on to something.
  • Scott Borg? (Score:2, Insightful)

    by Arcane_Rhino (769339)
    The director and chief economist of the US Cyber Consequences Unit (CCU) name is Scott Borg? Is this a set up?

    As far as fear mongering, you don't get a $93 million dollar budget for simply recommending that companies follow well established security procedures, including vigilance against social engineering.

  • As a former public servant, I can tell you that fear-mongering and blowing things out of proportion is an important way that a department justifies the resources they are using.
  • This time, on the internet.
  • by GeneralEmergency (240687) on Thursday June 01, 2006 @08:55PM (#15450217) Journal


    Many years ago, I worked for a small company that had a contract to service the massive dot matrix signs that are spaced every few miles along the Southern California freeway network.

    As part of the job, we were given a portable ascii terminal to enter test pattern data directly into the sign controller. Just for fun, we held an internal contest to think up 'What was the worst possible thing that we could type into the portable terminal for posting over the freeway at rush hour'.

    The winner?

    "INCOMING NUKE ATTACK - EST 15 MIN"

    Just imagine the bedlam .
  • Confusing (Score:3, Interesting)

    by illuminatedwax (537131) <stdrange AT alumni DOT uchicago DOT edu> on Thursday June 01, 2006 @08:57PM (#15450225) Journal
    This doesn't seem like strictly "cyber" terror. My guess is that things like power plants valves and switches, prescription formulas, and car design specifications are NOT ON THE INTERNET. This is industrial sabotage, which requires physical access to the resources. The "cyber" part just means that computers are somehow involved. So what we have here is just a new way terrorists can fuck with us that we need to pay attention too.

    Certainly people running power plants or pharmaceuticals need to secure their own internal computer network to keep some guy from reaching over a secretary's desk and altering the recipe for Prozac. But calling it "cyber" terrorism is just going to scare people into allowing the government to monitor their Internet traffic. After all, you wouldn't want a terrorist breaking into a nuclear powerplant over the Internet would you?! It's just another power grab instead of sanely alerting the respective authorities.
    • You guess wrong. While such systems are rarely directly net accessible, they're often accessible to machines in a company's internal network or DMZ, precisely for remote administration or debugging. And once the virus or attack is inside, they can use the "feel-good" use of an external firewall to enter every improperly secured system.

      Ask any administrator who's had to deal with spamware showing up inside their company's network from some VP's traveling laptop, which they refuse to update lest it break or u
  • by crmartin (98227) on Thursday June 01, 2006 @09:01PM (#15450250)
    Okay, folks, tell me: what can a cyber-terrorist do to a car that will cause it to burst into flames in a few weeks? All I can think of offhand is changing the spec for the gas line to gum rubber instead of neopreme, or soemthing like that --- and, of course, no one involved will ever notice, because cars are completely assembled by robots and no human ever sees the specs, buys the materials, or checks the figures.

    And, if they were to do so, what happens? Someone announces a recall and a bunch of people take their cars to the dealerships.

    Hell, why not do it the cheap way: wait until there is an accident, and just announce that it was done by your super secret ninja terror 31ee7 hax0rs.

    Or consider the sources: this guy from the "U.S. Cyber Consequences Unit" --- with their empty website [usccu.us] on a non-government '.us' domain.

    Remember, kids, only a few years ago, the world didn't need computers to run. Chemical plants and other control systems have failsafes and safety valves and emergency shutdowns; people survive power blackouts, even if the birth rate does go up; we still have analog radios and mechanical water valves.

    On the other hand --- here's some guy with a nifty-sounding name on a web-site, and Richard Clarke, who has been making a living from running around with his hair on fire ever since he said cyber-terror was a bigger threat than al Qaeda. Get a little attention, and people will start taking their calls again; maybe the USCCA" can even hire someone to make a web site.

    Who benefits from this story?
    • Okay, folks, tell me: what can a cyber-terrorist do to a car that will cause it to burst into flames in a few weeks? All I can think of offhand is changing the spec for the gas line to gum rubber instead of neopreme, or soemthing like that --- and, of course, no one involved will ever notice, because cars are completely assembled by robots and no human ever sees the specs, buys the materials, or checks the figures.

      Easy.. Said terrorist creates fake web page claiming dousing your car's interior with gasol

    • wouldn't someone notice that they're using way too much rubber tubing and try to find out why? At the end of all the computers, there are bean counters who are REALLY anal.
  • by lelitsch (31136) on Thursday June 01, 2006 @09:03PM (#15450262)
    I thought he might have something until I got to the exploding car part. Everything up to that is very unlikely, but probably doable for a determined attacker with local access. And there might even be some companies who put part of their SCADA on the internet--all of them deserve whatever they get. But changing medications and "car specifications so they explode after a few weeks"? Give me a break. Cars do not explode due to spec changes--short of including a pound of C4 and a triggering device in the spec. The worst might be putting a virus or trojan into the engine electronics that would lock the engine. And while cyberterrorists broke into a pharmaceutical company's central computer and changed the recipe for a pill to kill people on the Brit MI5 spy series, systems like that are not online and there is something called quality assurance--as in testing each batch before it goes out to the customers. So an attacker would need local access to the production facility, the automated QA, the manual testing, .... . I think this guy is watching to much TV. He would just have disqualified himself in any sane governmental organization. Thank god the DHS is not one of them.

    There are serious cyber threats, though, denial-of-service attacks, attacks on online trading systems,... But that was probably not as dramatic as exploding cars.

  • What an hilarious coincidence ! Listen to this: Bruce Schneier is currently running a contest on his blog [schneier.com] where people are asked to invent dumb movie-plot terrorist threats. The purpose of this contest is to demonstrate that such invented threats are only "good for scaring people, but it's just silly to build national security policy around them". And a recent suggestion [schneier.com] (that predates TFA!) is precisely based on the idea that terrorists could build faulty parts into automobiles. I litteraly ROTFL when I he
  • great... (Score:5, Funny)

    by SekShunAte (978632) on Thursday June 01, 2006 @09:11PM (#15450303)
    now that it's been publicized we'll have terrorists sittin around in their boxers and socks drinkin beer at their puter screen giggling when they confuse the subway employees on the recipe for a roast beef sandwich.
  • And these things are not only possible, but seriously in danger of happening.

    Why are these things possible?

    You'd think, if you have a major security flaw like the ones listed, you would fix it. Who actually puts the controls for their manufacturing process on the internet? No, I'm serious, who does this, and why do we let them get away with it? Screw making kinks in the industrial formation process, if I can get that kind of access over the internet, I'm going to take control of those freakin' huge f

  • HCF (Score:2, Funny)

    by nosredna (672587)
    Sweet, we might finally have a working Halt and Catch Fire [wikipedia.org] command in our lifetimes!
  • boxcutters people (Score:3, Insightful)

    by circletimessquare (444983) <circletimessquare AT gmail DOT com> on Thursday June 01, 2006 @09:25PM (#15450400) Homepage Journal
    september 11th was implemented with boxcutters

    so let's loose the technophilia when addressing terrorism

    it's the low tech/ no tech exploits that should be our focus
  • Look at what happened after CAN-SPAM....
  • I always find it interesting to see how paranoid governments are, compared with their citizens.
  • by layer3switch (783864) on Thursday June 01, 2006 @09:45PM (#15450496)
    Such as MySpace, Rotten, RealUltimatePower, Scientology, etc.

    Jokes aside, good read on CyberTerrorism before 911. Evidently CyberTerrorism isn't post 911 antics. It's been around for years now.
    http://www.cnn.com/TECH/specials/hackers/cyberterr or/ [cnn.com]
  • by caller9 (764851) on Thursday June 01, 2006 @09:59PM (#15450573)
    I would like to see some discourse on the ability of these FUD spewers to actually react or inform people on actual network security.

    I attended a cyber security thing once put on by these guys. It was completely worthless. When I say completely worthless I'm talking screendoor on a submarine worthless.

    A scenario: "Half of your computers on the network are infected by a virus, it is tying up your internet bandwidth trying to spread itself, what do you do? what...do...you...do?"

    Ok, for 1 if you're worth a damn you don't open port 25 outbound to client PCs anyway and proxy most internet traffic. The only outbound ports are for legacy systems with dedicated IPs. Second, say you do notice your bandwidth is consumed by something. Sniff the port, and close the firewall rule for said traffic until you have the info to take further action. Implicit deny anyone?

    Their scenario was geared toward the morons of the IT industry who might truly be perplexed by such a situation, but I found it laughable.

    That wasn't the totally useless part. The exercise as it was to be performed: IT provides the info on systems we are running and possible vulnerabilities. They come up with semi-plausable scenarios to exploit them. But in this event the EOC is fake-active and public safety officials are in a paper simulation of cyber attacks going on in their network. Notably, the analog radio system at the core is not mentioned.

    For every problem the solution would be to call IT. IT isn't even part of the exercise. Our fire chief who knows fire and fire personnel management inside and out, doesn't know the difference between PCL6 and PostScript. Nor would anyone in their right mind ask him to write an ACL for cisco equipment much less give him enable priviledges. Not that he would ask for them, he knows better. He knows that if you have a leaky pipe you call a plumber, not an ambulance.

    So the point of the whole exercise it to blow taxpayer money, ensure that public safety knows the numbers of appropriate IT personnel, possibly expose idiotic IT practices, and give public safety guys a little more FUD stress they could do without.

    Have they even simulated what would happen if a local ISP had a truck full of manure driven into it. That could easily take out half a city's internet and probably a few people downstream in a single point of failure. Would it effect first responders? Not at all. They have radios.

    I can't imagine many scenarios where cyber terrorism would be life threatening. Possibly have an economic impact, but I bet it would pale in comparison to phishing scams which they can't even police now.
  • by Master of Transhuman (597628) on Friday June 02, 2006 @12:43AM (#15451407) Homepage

    Time to terrorize the public again.

Get hold of portable property. -- Charles Dickens, "Great Expectations"

Working...