Just when you thought it would be Safe
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Just when you thought it would be Safe

  1. #1
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752

    Just when you thought it would be Safe

    Gartner Forecasts Greater Potential For Cyberattacks

    Much like the nuclear threat during the Cold War in the last century, cyberwarfare is a potential catastrophe that the U.S. and other nations must be prepared to combat, Gartner Inc. said. Given the rate of adoption of Internet-based technology, nations will have the ability to conduct cyberwarfare by 2005.
    "The difference between cyberwarfare and hacking is the magnitude," Fraley said. "Cyberwarfare is on a much grander scale."
    Full artical HERE

    Well, I guess that means we will all be on the front lines. I wonder if we will be able to collect combat pay.
    Does this mean our present day scriptkiddies will be heros or something.
    I know....sarcasum doesn't work well on a message board, but do people actually make money by coming up with such drivial. Where has he been hiding all his life?
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

  2. #2
    Senior Member Info Tech Geek's Avatar
    Join Date
    Jan 2003
    Location
    Vernon, CT
    Posts
    828
    If we were to make a GUI for cyber warfare would it be a first person (Counter-Strike) like GUI or would it be clumped together like a game of Risk or will it be more strategic like a (Command & Conquer or Rise of Nations).

  3. #3
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Hrmm... FUDing is at a new high, IMHO. I've been reading about this in Full Disclosure and one has to wonder how Gartner came to this conclusion or are they doing it to help encourage more people to buy their services? I seriously think cyberwarfare has been going on for a while, it just doesn't appear in the newspaper as that or is made public.

    I doubt the scriptkiddies will be heros. Evidence of increased DOSing happened in the 2003 FBI/CSI Computer Crime Survey. If it repeats in 2004 (possible but I think unlikely) then there may be something to this (I think 2004 Survey might need to be renamed to "Year of the Virus").
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  4. #4
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hmmm,

    I think that it was about three years ago I read that the Taiwanese had 500 people working in their military cyberwarfare unit. Anyone else remember that?

    I think that Gartner are a bit slow on this one

    The greater worry to me is terrorists using cyberwarfare?

    Just my 0.02

  5. #5
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    New Jersey
    Posts
    718
    I was talking about this with a buddy just a few weeks ago. See, to me, it's utterly amazing that presently, most new computers don't come bundled with a firewall/trojan scanner/AV software, instead you have to pay extra or go buy these products seperately.
    Even if all computers were bundled with these items, it still wouldn't do a damn thing as most common users don't care much for setting up firewall rulesets, updating AVs and the like.
    They don't want to be bothered with computer security until they can't use AIM or they get a bill in the mail from their credit card saying they purchased the Camen Islands.

    However, there is a point to my rambling.
    I honestly feel that computer security is not pushed on mainstream society with enough emphasis. Most people have a blase' approach about it.
    I dunno....it just sickens me when I basically have to force computer security down my friend's throats and even at that, they still get all peevish and testy.
    When will the common user learn that Norton AntiVirus is not made of kevlar and doesn't protect them from every internet threat imaginable?

    Anyways, I think the lack of computer security education coupled with a nonchalant attitude will eventually act as a catalyst to the potential of future cyber attacks being successful.
    (sorry it took so long to make my point)
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

  6. #6
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    shag,

    /rant on

    You have a good point and this gets into society's view on a lot of stuff. When I talk about this kind of issue (blaise attitude) to students I refer to it as the Microsoft Society or Generation. Basically, it's the generation that believes that everything should be point-and-click and we don't need to really understand the why's and wherefore's of a particular issue/problem.

    Case in point: obesity is at an all time high in North America. People don't want to exercise. They want to continue to eat what they want (McDonald's, Harvey's, Burger King, etc. -- I noticed recently that Subway is advertising subs that meet the Atkins diet) without having to put in work (exercise) to help them. If they did a little research and did a little work they'd learn that if they ate better food (low in certain fats and in moderation) and expended more than they ate, they'd be slim and lean within a good period of time (they forget that it took 10 years to put the weight on but they want it off in a day or so).

    Heck, even look at some of the posts we get here (and you know who you are). People who ask for things without even taking a few minutes to learn (those people we often reply with "Google is your Friend"). Why? Because it's easier and faster to have someone else do it. Plus you don't have to waste time wading through things and pages of manuals to understand how it works if someone can put in a paragraph or two for you.

    Society has become lazy. It's truly a shame I think because there is so much to learn out there and people just don't want to do the time, energy or whatever to learn. =/

    /rant off
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  7. #7
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Society is way behind lazy, especially when it comes to computers. I'm currently reading H.E.: Network Security Secrets and Solutions (I know i'm behind on the times, but I could only now afford it ( on credit ) ), however I can't bring it into work because the head of Network Services will label me a hacker (well he already has), we aren't allowed to learn things from a security point of view because we have no "need" to know the stuff....


    At the same time we have recently moved from support the schools laptop programs to supporting the online learning and students in residence. Our policy was bring your computer down to our office and we would patch it, install updated AV, Spybot and scan it for Nachi, Welchia and Blaster (which have been severely bogging down our networks... yes even so long after these virii were discovered). After they were verified clean, we would re-enable their switch port and they would have network access. Students complained about having to bring their computers to our office (maybe a 5 minute walk), so we were forced to change our policy and re-enabled all the ports, now the network is again festering with virii and we get complaints about the slow network speeds. No one is ever happy. I suggested we make firewalls mandatory, I was told that wouldn't be good because we wouldn't be able to monitor the students as easily (no real justification.. just that). One of the guys I work with asked if he could check our new Online Portal for flaws because it's all asp (and the software is notorious for being buggy) and he was told "no, they know there are flaws there" What the hell kinda place is this? People are WAY too lazy with technology and for the most part just don't care.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  8. #8
    Yes, that's my CC number! 576869746568617's Avatar
    Join Date
    Dec 2003
    Location
    Earth
    Posts
    397
    It's really a shame, when you think about it. I'm sitting here typing on the PC surrounded by books that go back to the XENIX days. It's pitiful that we all spend so much time studying and studying security, and all it takes is a 14 year old with a few choice programs to cause us a headache! Instad of investing the time to learn how to do something, why that works, why this is that way, etc., they just download a tool that someone made, read the F.A.Q., and they're in business.

    HTRegz, It's truely a shame that your administrator feels the way he does, especially since this is obviously an educational establishment. I wish all my users would take the time to read something like that. Maybe then, they would have a genuine appreciation for the daughnting task that all security professionals deal with on a daily basis in the trenches. As for my IS employees, reading H.E. 4th Edition is a condition of employment! The Army even teaches an information assurance course for IT personnel using H.E. 4th as the textbook. (I am fortunate enough to have all 4 H.E.s, H.E. Win2K, 2003, and Linux 1 & 2 in my collection. (I eat Ramen Noodles alot! )

    Also, their argument about not being able to monitor them is flawed. From administration standpoint, all they would have to do is implement a product like symantec client security. It's got AV and a Personal Firewall integrated into one package. Using System Center, they could manage the systems and monitor them too. Symantec isn't the only one or the cheapest one that will do this either, it's just the one that I use. And if they're worried about keeping tabs on the students, simply use terminal services.


    Just like you said...No justification....just excuses.

  9. #9
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    It would be nice if we could use a product like that, unfortunately these are the students computers. We never know what we'll encounter. I've serviced desktops from 300Mhz up to 2.8Ghz and laptops from 166Mhz - 2.4Ghz. I've seen MacOS, 98, ME, 2K and XP.. yet no linux machines heh.... We've got a log of beaurocracy to deal with.. it's a real shame, and those that are in charge, have been there so long, they're lax and out of touch with reality. They won't give us the access we need to fully do our job because it could be a security risk, but they'll put an untested, flawed webportal online.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  10. #10
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    I think Ms Mittens hit the nail on the head with this one
    When I talk about this kind of issue (blaise attitude) to students I refer to it as the Microsoft Society or Generation. Basically, it's the generation that believes that everything should be point-and-click and we don't need to really understand the why's and wherefore's of a particular issue/problem.
    And this does not just apply to the 90+% of the general population that are just totally security illiterate and indifferent.

    A few days ago I received a laptop from a college student. His father set it up with up-to-date anti-virus software and OS patches before sending the student to college. The student had grown up in an environment surrounded by computers and knew to update and patch the computer regularly. After less then a month on campus the laptop was useless: all it would do was pop-up ( or try to if not connected to the campus network ) porn.

    After removing 10 viruses ( or virii, which ever you prefer ) and over 200 spyware files ( using Spybot and Ad-aware, plus a manual search which revealed among other things a trojan which could not be identified or removed ( the M$ operating system is hiding the file and I did not have time to dig further, but I did manage to disable it ) the computer is now usable.

    It is amazing to me that the computer could be recovered with all that sh-- on it without a total reinstall. But the reason it became infected startled me more.

    1)The anti-virus software was scheduled to update only once a week at a certain time, when as it turns out the computer was not in use.

    2)No firewall installed. The father had set it up on his network which he protected but did not have an independent firewall on each workstation.

    3)The student ( by this time vulnerable ) made one mistake and clicked on a web page link of a friend's ( compromised ) IM away message. It was downhill from there, and really quick.

    Although both the father and student knew better they became complacent and wound up with an expensive paper weight which may have been used to unknowingly infect other computers on the campus network and the Internet, because they did not understand the why's and wherefore's of the software they were using, the environment it would be used in, and the despicable, unconscionable nature of the 2 per-centers.
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •