Information Security News mailing list archives

Re: A Message from Richard Clarke (fwd)


From: InfoSec News <isn () c4i org>
Date: Mon, 3 Feb 2003 00:27:46 -0600 (CST)

Forwarded from: security curmudgeon <jericho () attrition org>

The following message from Richard Clarke is forwarded:

From:  Richard Clarke
To: All ISAC's

The events of the last weekend demonstrate yet again how vulnerable
our society is to cyberspace attacks.  The Sapphire Worm was
essentially a dumb worm that was easily and cheaply made.  It
attacked only one vulnerability on one piece of software from one
vendor for one type of machine. Moreover, that vulnerability was one
for which a patch had been available for many months. Nonetheless,
the results of the worm were significant.  It spread to hundreds of
thousands of machines in less than 15 minutes.  It disabled some
root servers, the heart of internet traffic.  Although it was aimed
at servers, it caused routers to flop and cease to function. Some
airline flights were delayed or cancelled.  Some banking functions
ceased.  A national election/referendum in Canada was canceled.  
Workers were sent home at some major US companies.

Anyone else find this deeply disturbing (read: pathetic)?


Disabled root servers? Uh.. who is responsible for these servers? The
ones that are a vital part of the backbone of the net? Why aren't they
being bitch slapped for negligence? They run one of the most vital
pieces of the puzzle we call the Internet, and a six month old
Microsoft vulnerability can bring them to their knees? Anyone else see
this as a problem?

Airline flights were delayed or cancelled? Could someone please make
public which airlines are f*cking stupid enough to use the internet
for ANY part of their operation? Which of these geniuses decided that
the cesspool of 1's and 0's was a good option for routing their
traffic? If these aren't the airlines mid bankruptcy I'd be shocked.

Banking functions ceased? Is this reference to the network of ATMs
that were suddenly unavailable? Can anyone else remember when ATMs
were not a part of daily life, and withdrawing cash began with "Hi I'm
fine today, I'd like to withdraw money from my checking account?" Why
are these banks relying on a network encumbered by DoS attacks, spam,
online games and pornography, to route and handle their important
traffic?

A national election/referendum in Canada was canceled eh? Oh lordy not
that! Why was a *national* election of any sort relying on the
*global* internet in any way? Last I checked there was no method for
online voting that met scrutiny of all parties as far as security and
reliability were concerned. So why is this national election impacted
by insecure global technology exactly?

Workers sent home at some major US companies? Because of the
SQL/Sapphire/Slammer worm, workers had to miss a few hours out of the
2000 work hours of the year. The same companies that are reluctant to
let these employees go to funerals or take care of sick relatives in
fear of paying them for time not spent working? Oh no! These workers
getting a few hours off sounds like a good thing to me.


As usual, I think we've lost our perspective on what this worm really
did. We're long past pointing fingers at Microsoft, lazy admins, full
disclosure or anything else. Businesses have some incredibly
masochistic desire to utilize the Internet for their operations,
instead of using it as a limited route for customer exposure or
convenience. Insisting on taking an unpaved road then crying like a
bitch when you hit a rock is absurd.

Vulnerabilities are discovered, systems are left unpatched, mass
hysteria and global panic ensues. When will we realize that history is
destined to repeat itself and these events will happen again and
again?




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.