Home > Articles > Security > General Security and Privacy

The Dirty Dozen: The 12 Security Lapses That Make Your .Com, .Org, or .Net an Unwitting Collaborator with Cyberterrorists

  • Print
  • + Share This
Are you unintentionally supporting cyberterrorism? If your security isn't ultra-tight, your .com, .org, or .net site just may be colluding in cyberterrorist activity. Frank Fiore and Jean François provide a checklist of questions to which you need solid, intelligence-safe answers.
Like this article? We recommend

The World Changed on September 11, 2001

What changed on 9/11 was the realization that we can be attacked right here at home. And with that realization came once again the subject of infowar and its partner in crime cyberterrorism. You've heard the news, read the articles, and seen the movie—and it goes something like this:

It's June, the children are out of school, and as highways and airports fill with vacationers, rolling power outages hit sections of Los Angeles, Chicago, Washington, and New York. An airliner is mysteriously knocked off the flight control system and crashes in Kansas.

Parts of the 911 service in Washington fail. Supervisors at the Department of Defense discover that their email and telephone services are disrupted. Officers aboard a U.S. Navy cruiser find that their computer systems have been attacked.

As incidents mount, the stock market drops precipitously, and panic surges through the population.

Is this "electronic Pearl Harbor" myth or reality?

Much of the scenario above—except for the plane, stock market crash, and panic—actually occurred in 1997, when 35 hackers hired by the National Security Agency launched simulated attacks on the U.S. electronic infrastructure.

The exercise, called "Eligible Receiver," achieved "root level" access in 36 of the Department of Defense's 40,000 networks. The simulated attack also "turned off" sections of the U.S. power grid; "shut down" parts of the 911 network in Washington, D.C., and other cities; and gained access to systems aboard a Navy cruiser at sea. The results of the exercise confirmed that in a software-driven world, an enemy need not invade the territory—or the air above the territory—of a country to control or damage that country's resources.

  • + Share This
  • 🔖 Save To Your Account