Geoscience Reference
In-Depth Information
Worm—This type of code propagates itself without user action or interven-
tion. Worms typically start by exploiting a software security vulnerability.
Once the victim's computer has been infected, the worm will attempt to find
and infect other computers through address books, contact lists, or other
connective means. The self-propagation of a worm distinguishes it from a
virus.
Trojan Horse—This type of program claims to be one thing on the surface,
but is totally different behind the scene. For example, it may be a program
that says it will increase your computer speed, when in fact it may be sending
confidential information to a remote intruder.
One case of a cyber attack occurred in early 1998, in which United States mili-
tary systems were subject to an “electronic assault” noted as “Solar Sunrise.” The
intruders hid their tracks by routing their attack through computer systems in the
United Arab Emirates. They accessed unclassified logistics, administration, and
accounting systems that control the ability to manage and deploy military forces.
The United States response to this incident requires a massive, cooperative effort
by the Federal Bureau of Investigation, the United States Justice Department's
Computer Crimes Section, the Air Force Office of Special Investigations, the
National Aeronautics and Space Administration, the Defense Information Systems
Agency, the National Security Agency, the Central Intelligence Agency, and vari-
ous computer emergency response teams from the military services and govern-
ment services.
In the end, it was found that two young hackers in California had carried
out the attacks under the direction of a hacker in Israel, himself a teenager. They
gained privileged access to computers using tools available from a university
website and installed sniffer programs to collect user passwords. They created a
backdoor to get back into the system, then used a patch available from another
university website to fix the vulnerability and prevent others from repeating their
exploit. Unlike most hackers, they did not explore the contents of their victim's
computers.
25
Consequences of Cyber Threats and Attacks
Typically, cyber threats and attacks are aimed at disruption of infrastructure, dis-
ruption of the economy, and exposure of sensitive strategic information. At the cor-
porate levels, cyber attacks can create large liabilities and cause losses large enough
to bankrupt most companies. Countries and organizations wishing harm upon the
United States and its general ideologies, as well as organized crime, have introduced
this type of attack as being profitable for the attacker. For this reason, American
corporations and government entities need to be urgently informed, not just of the
technical vulnerabilities that may exist, but also of the significant strategic and
economic consequences of an attack on those vulnerabilities.
