Experts: Cyber-crime bigger threat than cyber-terror

[chsh]

Originally posted here by jinxy
My 10 min 45 min analagy covers this. It takes seconds to write out a reciept and tare it off the pad.....more than 10 mins for a computer op to look up all the items add quantities to an invoice then print it.............Dont argue with me here, I have been at both sides of the counter.

I'll argue with you here, because I have had specifically the experiences you're talking about. Maybe they do things bass ackwards in the UK, but in Canada if I walk into a Home Depot and order a load of stuff right at the contractor's register, they open a book, grab their scanner, and scan barcodes for basically whatever I asked for, it takes a grand total of maybe 5 minutes with a trainee doing the sale. Perhaps your experiences are not everybody's experiences, and in the future you should refrain from spewing ultimately ignorant crap like "don't argue with me here". Just because your experiences are bad doesn't mean everyone's experiences are bad.

Weather the storm or go under...Thats business. The senario is the same if bad business desitions are taken.
So what contingency plans has your company got if the web does go down? and it can
Eggs one basket mean anything to you??.

While it's all well and good to simply spout cliches, in the real world it's a necessity for a lot of people. Not all businesses are multinational and have offices in every city, just as not all businesses are mom and pop operations. Of course the nature of business is to have its pitfalls and so forth, however just because a business has one point of access doesn't mean is it doing anything wrong.

Originally posted here by AngelicKnight
What we're looking at are two dangerous extremes of thought:
1) Terrorists from the Middle East are going to spam, DOS, and hack us into oblivion, or
2) cyber terrorism will never happen and is a silly fairy tale.

I think our job is to stand inbetween these two uneducated extremes. So often is the case with truth.

Saying "it can't happen", however, is perhaps the most dangerous blunder of all.

If one were to take the view that paranoia serves security, then it would certainly be safer to believe #1 than #2, so even in furtherance to securing your networks and software it is irresponsible to disbelieve it's a threat.

[TheSpecialist]

Hummm... so if I yell bomb over a phone this is teleterrorism? If I cut off a finger and mail it to someone with a note covered in blood and profanities... or send in a packaged bomb... this would be mail-terrorism then, right? Or are we just tossing words around cause I gotta tell ya, it sure seems like it.

[rapier57]

I'm voting that cyber terrorism is a real threat. Not because I think that anyone is going to SPAM, worm or DDOS us into oblivion. What is actually happening is that terrorists, criminals (organized and otherwise) and who knows who else are using phishing and other tactics to fund their activities. There are enough gullible folks that actually respond to phishing SPAM that it is a lucrative activity for the above named ne'er-do-wells.

I don't know that the activity will bring down the international networks, but it might fund some very nasty events. There may be other efforts underway now that we aren't aware of that would constitute a more direct network threat.

So, whatever we can do as professionals to make our systems more stable, more secure and more reliable can only help to mitigate the potential threat of cyber terrorism.

Let's be careful out there.

[jinxy]

The following article is nearly two years old. I see know change from when it was written, to the current article. Posted by MsM.

The threat posed by cyber-terrorism has been overhyped and the net is unlikely to become a launch pad for terror attacks.

George Bush and Colin Powell
US Government keen to tighten cyber security
That was the conclusion of a panel of security and technology experts brought together at the CeBIT technology fair to consider the threat posed by net attacks on businesses and consumers.

Panel members said companies faced far more serious threats from ordinary criminals, fraudsters and pranksters than they did from technology-literate terrorists.

Combating these real threats would take work by almost everyone involved in the running and use of the net.

Selling newspapers

Respected security expert Bruce Schneier said the threat posed by so-called cyber-terrorism had been over-estimated.

"The hype is coming from the US Government and I don't know why," he said.

Fellow panel member Art Coviello, head of security firm RSA, said some of the warnings about cyber-terrorism had come about in reaction to the attacks on 11 September.

But, he added, sections of the media were also responsible for hyping the threat.

"Some of these stories are very entertaining and sell a lot of newspapers," he said. "Some media organisations are fanning the flames of this."

Mr Schneier said any terror group that wanted to sow panic and attack its ideological enemies was unlikely to turn to net technology to make their point.

Real threat more mundane

"If they want to attack they will do it with bombs like they always have," he said.

By contrast, he said, disrupting the running of the net and other communications networks would cause more annoyance than fear.

"Breaking pager networks and stopping e-mail is not an act of terror," he said,

If I cannot get my e-mail for a day I am not terrorised.
Bruce Schneier, security expert
Mr Schneier said companies and consumers should concentrate on real threats from common criminals, viruses and other malicious programs.

"Criminals tend to lag behind in technology by a few years," he said. "But once they find a technology they tend to use it and there is a lot of value on the internet."

Defending against criminals was difficult, said Mr Schneier, because they were often mixed in with the barrage of attacks companies suffered everyday.

Tackling these threats would take a lot of work by many of the organisations using and developing net technologies, said Mr Schneier.

One of the key tasks was to start creating a lawful society on the Internet, which educated people about the rights and wrongs of online life and that caught and prosecuted criminals.

Here: http://news.bbc.co.uk/1/hi/technology/2850541.stm

Edit
Here's an even better article :http://news.zdnet.com/2100-1009_22-955293.html
here is a snipit that seems relevent

That sort of rhetoric is why many dislike the term "cyberterrorism." Ambiguity over its definition--and, therefore, which threats are real and which are not--has confused the public and given rise to countless myths. The phrase has become a catchall buzzword that evokes nightmare images that can be exploited to support political agendas ranging from stronger surveillance authority to tighter immigration controls.

"If you say cyberterrorism, you confuse people," said Richard Clarke, President Bush's special adviser for cybersecurity. "Osama bin Laden is not going to come for you on the Internet."

[nietzsche]

Middle East? No way. In-topic research has brought me to the conclusion that we'll see either Russia or China casting the first stone here. At least, they seem to be gearing up for it with regard to COMSEC. And my thinking on it is that, while it will not throw the West into oblivion, it CAN be used to win battles, create chaos, and otherwise monkey with, demoralize, and generally wear down the enemy.

My $0.02 on it.

Originally posted here by AngelicKnight
What we're looking at are two dangerous extremes of thought:

1) Terrorists from the Middle East are going to spam, DOS, and hack us into oblivion, or
2) cyber terrorism will never happen and is a silly fairy tale.

I think our job is to stand inbetween these two uneducated extremes. So often is the case with truth.

Saying "it can't happen", however, is perhaps the most dangerous blunder of all.