- The Buffer Overrun Scenario
- The Security Breach
- Corrective Actions
- Don't Be an Unwitting Collaborator
Don't Be an Unwitting Collaborator
In April of 2002, U.S. officials were preparing for possible hack attacks by Chinese individuals, groups, and government, according to published reports. There is concern that a government or group of hackers could exploit some of the numerous vulnerabilities frequently discovered in our software and systems.
The warning, which coincided with the anniversary of a U.S. spy plane incident and a subsequent conflict between Chinese and American hackers that left thousands of web sites defaced, indicated that the U.S. Central Intelligence Agency (CIA) expects the United States and Taiwan to be targets of cyber-attacks by Chinese hackers. Neither the CIA nor the Federal Bureau of Investigation's National Infrastructure Protection Center (NIPC) would comment specifically on the reports, but stated that the CIA believes the Chinese military is researching ways to disrupt targeted military and civilian computer systems.
This proves that cyber-attacks are being seriously considered by enemies of the U.S., and you should take proper precautions to secure your network.
Oliver Friedrich, director of engineering at SecurityFocus, said a series of recently discovered security holes in Microsoft's IIS server, for example, "...could provide a great platform for state-sponsored or other hackers who wanted to create a new worm or break into systems."
By leaving out the welcome mat supplied by buffer overrun flaws in the software you use, you open the door for cyberterrorists to damage your system and our national information infrastructure.