War, ethics and security

Computerworld - The cyberwar has intensified along with the war in Iraq, or so we hear.

I honestly thought our entire telecommunications infrastructure was going to be brought to its knees when the war started. Not because I professionally believed it was possible, but because I was personally frightened by the thought of war.

Silly me. Well, not so silly. Cyberwarfare, a.k.a. cyberannoyance, has increased and been highly publicized in online security circles. The TV media has been completely engrossed in blow-by-blow accounts of the war in Iraq. Print media isn't far behind. The world of cybercommunication isn't constrained by the size of a newspaper or airtime minutes. There are plenty of information security Web sites to peruse and endless e-mail security alerts to read. But have there been any real attacks on the infrastructure?

It appears that the "attacks" are primarily composed of Web defacements and obnoxious anti-something attempts. AlJazeera.net, the online version of the Arabic news channel, has been the hot discussion topic in recent weeks. Hackers took down numerous servers and defaced the site with pro-war statements (see story). Recently, the servers were knocked off-line. Whodunit is being debated.

There's a group of Chinese hackers who are planning attacks on U.S.- and U.K.-based Web sites in protest of the war. There is a group in Malaysia that's threatening "suicide cyberattacks" if America launches a war in Iraq. Oops, too late! Defacement -- ad nauseum. An article from the Detroit Free Press states, "Think of it as the Information Age's electronic equivalent of graffiti protests." Sounds a little immature, doesn't it?

The FBI's National Infrastructure Protection Center issued a warning that we should be on guard against Iraq sympathizers and antiwar activists, whatever that means. OK, so I'm sitting in my office and I look through the window into the cubicle area. I notice a guy in a turban in one of the cubes. He's a programmer. He's hammering away at the keyboard and talking rapidly in Arabic on the phone at the same time. Should I be on alert and ask the security guys to start monitoring his phone calls, e-mail conversations and Internet usage? Or should I recall that he's been working with the company for 10 years, is an excellent programmer cramming to finish a project and is talking to his wife about one of the kids whose teacher just called from school?

No, wait! I've got it. I should stop buying sundries at the 7-Eleven store because I'm sure "they" are funding terrorist activities from those questionable magazine sales. No, that can't be it. Come on now! Give me something more to do, will ya? How ignorant are we? More important, what is it that we are supposed to do? The Washington Post recently published an article that suggests "vigilance is par for the course" in these troubled times.