Computer world on guard for cyber attacks amid terrorism worries

Friday, September 21st 2001, 12:00 am
By: News On 6

WASHINGTON (AP) _ Some fear last week's attacks could prompt cyberterrorists to try to disrupt the computer world. And with the U.S. economy faltering, such a move could further damage already wounded businesses.

``I don't think it's out of the realm of possibilities that cyberterrorism could be used as one ingredient of a larger plan or perhaps another mechanism to create disturbance,'' said Bob Cohen, senior vice president of the Information Technology Association of America, a trade group.

Cyberterrorists can take many shapes, from foreign governments to terrorist groups to young hackers. They have shown a propensity to strike during international conflicts.

Most have been minor invasions that are more annoying than disruptive, such as defacing Web sites or ``denial of service'' attacks that slow down or halt computer systems by flooding them with information.

But there is a potential for a more skilled cyberterrorist to disrupt systems for hospitals, power grids, banks and other key institutions.

``If we saw a truly comprehensive and destructive attack on a critical infrastructure _ where it was well-planned, well-targeted _ it could clearly have a destructive impact,'' said Michael Vatis, director of the Institute for Security Technology Studies at Dartmouth College.

Lawrence Gershwin, the CIA's top adviser on science and technology issues, told Congress in June that traditional terrorists are less likely to pursue computer attacks. But that could change, he said.

``Bombs still work better than bytes,'' he told the Joint Economic Committee. ``But we anticipate more substantial cyber threats are possible in the future as a more technically competent generation enters the ranks.''

The FBI's National Infrastructure Protection Center is on the lookout for cyberterrorists and last week issued a warning about ``patriot hackers'' _ people trying to target those thought responsible for the terrorist attacks.

NIPC also is investigating the ``Nimda'' worm, a viruslike program that spreads rapidly and has been infecting computers running Microsoft's Windows operating system. Attorney General John Ashcroft has said there is no evidence linking the worm to the terrorist attacks.

Consultants like John Pescatore, research director for Internet security at Gartner Inc., have been advising clients on how to handle cyberterrorism threats, which he expects will occur if the U.S. military begins assaults on terrorist camps in Afghanistan and elsewhere.

``It's the low-hanging fruit,'' Pescatore said. And ``companies haven't made much progress against denial of service attacks.''

He and other experts are advising companies to take steps now to avoid problems later. Among them: make sure they have the most recent antivirus software, install security programs that include firewalls and encryption and increase user awareness.