|
Thursday, August 14, 2003
Ng: Cyberterrorism
By WILSON NG
VIRUS. For the last few years, we have talked of terrorism. However, there is another facet of this we need to be alert on—cyberterrorism. If you have been watching movies or reading Tom Clancy novels, you might already be aware of the devastation of unleashing the right virus. In the movie Independence Day a few years back, what saved the earth was its ability to put a virus that purportedly destroyed the aliens’ computers that housed the shield defense.
This is not too difficult—we know how a Filipino student unleashed the Love Bug, which caused billions of dollars in damage. It was nothing to be proud of—ethically, it was sick.
What the experts say is that the Love Bug was a social ingenuity, not a technical feat. It was successful because people were only too eager to open mail when they thought it was from an admirer professing love.
There are many off-the-shelf viral packages so that almost anybody who wants to be notorious could be. Luckily, our laws have now made that a criminal offense.
Based on the experience the last few years, encapsulated in the recent Black Hat Briefings, the Denial of Service Attacks or remote break-in are tools to use if you want to target specific companies.
But for wreaking havoc on a country, which somebody might want to do on the United States, for instance, the email virus is still the most likely tool to be used. We have to be concerned because a large part of our Internet traffic and in fact, infrastructure, is also dependent on the United States.
In fact, today, as I write this, news is surfacing of a virus called Lovsan that has infiltrated a few thousand computers worldwide, including a couple of local telecommunications companies.
EASY TO DO. A cyberterrorist could just use a search engine and gather thousands of email addresses to target. That is easy enough. You can easily write a script that will search thousands of websites for email addresses much like what Yahoo and Google do after they catalogued their search directories.
You can hunt addresses of financial companies, government, the military or only specific companies. Bulletin boards, discussion forums and websites are full of Web addresses. In a way, therefore, it is not good to put your email addresses on websites, and you might want to use your secondary addresses when participating in discussions.
After that, it is easy stuff. There are many off-the-shelf packages you can download from the Internet that will allow you to create email viruses even without programming. So, there is nothing now that stands before this person with the addresses and the malicious code he is ready to unleash.
The US, especially, should have cause for worry. There are only too many people that would want to cripple the nation’s infrastructure in communications or simply to wreak damage on US companies. It is not only the US but all of us, who should turn our attention to making sure we are prepared for these kinds of things. (Wilson welcomes comments at Wilson@esprint.com.) |
|
[ return
to top ]
[ home
]
|
LOCAL NEWS
BUSINESS
OPINION
SPORTS
LIFESTYLE
FEATURE
SUPERBALITA
WEEKEND
|
