Cyberterror attack rocks America

Click to follow
The Independent Online
THE TWIN threats posed by cyber-terrorism and the growing monopoly of software company Microsoft became reality yesterday, as thousands of American users found their machines "frozen" by a cleverly-targeted attack launched over the Internet.

All over the US, machines running the Windows NT operating systems and connected to the Internet crashed. Military machines operated by the Navy, and 14 of 15 of the US space agency Nasa's sites were affected, as well as many universities.

The deliberate nature of the attack was emphasised by its timing - hours before Bill Gates, head of Microsoft, had to defend his company to a Senate committee against allegations that its growing control of the software market breaks anti-trust laws. Later the same day, Louis Freeh, director of the FBI, appeared before another Senate committee to ask for increased funding for "several priority initiatives, including those in the areas of counter-terrorism and cyber-crime".

But industry analysts reckon the target of this attack was Gates, not Freeh. The machines were all crashed by sending out a message over the Internet which exploits a feature of Windows NT - which Microsoft wants to become the dominant operating system for large business computers. However, the attack was tailored so that it would not cause actual harm: no data was lost. Dennis Jackson, head of the UK Computer Emergency Response Team (CERT) said: "It's the computer equivalent of a custard pie attack"

Steve Gold, news editor of Secure Computing magazine, and a former hacker, explained: "Somebody sent out a deliberately malformed instruction to all the NT servers on the Internet in the US which caused them all to chase their tails trying to solve a problem that's impossible to solve, such as the value of pi to a trillion decimal places."

The attack clearly shows the weakness that Microsoft's growing monopoly causes to a country reliant on computers: if every computer runs the same operating system, all will have the same flaws, and a lone cyber-terrorist could seriously disrupt communications. Gold reckons that this one would have taken only 24 man-hours to set up. "Whoever did this knew exactly what they were doing. They could have been a lot more malicious, sending worms or viruses."

The US administration is increasingly worried about computer-based attacks. Some observers have predicted that the frequency and sophistication of the "hack attacks" will only increase. The FBI also sees computer crime rapidly escalating and has identified a wide spectrum of criminal classes as electronic intruders: "White collar criminals, economic espionage agents, disgruntled employees, organised crime members, foreign intelligence services and terrorists groups have all been identified, with the potential to have immediate and severe consequences for every facet of government and industry."