I’ve been following this for sometime… This is an important resource of information for keeping up on information relating the vulnerabilities of a variety of technological systems.
We have a pre-disposition to believe that Windows is the only real attack vector in our information infrastructure, but the reality is that, though it is a huge target, other systems sport vulnerabilities waiting to be exploited.
To that end you’ll see on the right hand side of the page, a new list of the recently found exploits as published by the DHS and NIST on systems vulnerabilities.
This is a difficult position, because I hate fear mongering, and hate being the one to shout "the sky is falling!" But if you saw the piece from Wired Science on PBS October 3rd, you’ll see there is some merit to being concerned. "Forewarned is forearmed" as the saying goes.
I sat down after dinner tonight to begin studying for a data analysis assignment I had been putting off when I noticed a story that caught my eye on the new PBS series “WIRED Science.”
The story titled “World War 2.0” talked about the recent botnet attacks by Russian loyalists on the country of Estonia. It seems that after the end of World War II the Soviets drove the Germans out of the country. Now in the 21st century, Estonia is a member of the EU and NATO. In an attempt, Josh Davis, the story’s author points out, to distance themselves from their Soviet past, many ethnic Russians were none too happy about the idea, and took to the streets.
It’s here that the story gets interesting, see some of these ethnic Russians are also consummate computer hackers, and when physical riots didn’t produce the desired effect, they took to cyberspace. Through the use of several botnets, these hackers created an astounding display of cyber-warfare or cyber-terrorism, by launching a large scale distributed denial of service attack at the several high profile targets including the largest bank in Estonia, Hansapank, and one of the leading newspapers Postimees. The affects were devastating, people were cut off from the bank for days, and the country had effectively garrisoned itself from the rest of the wire world. No news, no information, was allowed in or out.
So here’s the point, and a warning; launching an attack like the one that hit Estonia would have little effect on the resources of the United States. But proportionately sized, not out of the question by the way, would cripple the information infrastructure of this country. Now all of a sudden, who needs nukes? Distributed computing, some ingenuity, and a political agenda are all that’s needed to cripple a businesses, county, city, or state agency. And if you think these activities are being executed by pimple faced teenagers with a grudge and a notebook, think again. Several countries in the far east and pacific rim have state sponsored cyber-warfare programs with the specific agenda of disabling national and private infrastructure, it is far more profitable, decimating an economy, without all the… well, dead bodies.