Vmyths.com



Truth About Computer Security Hysteria


VB2002 part 4: crush the Internet in a matter of minutes

Rob Rosenberger, Vmyths co-founder
Thursday, 9 January 2003
[continued from part 3: Whole economies might die with the Internet]
SOMEONE NAMED KLAUS stood up and chimed in at the VB2002 speakers' panel. He warned about the dire threat of buffer overflows. Dmitry Gryaznov (Network Associates) made it sound like a small terrorist cell could double-click western civilization into oblivion:
Someone in the audience blabbed of a well-known decade-old oft-described world-devouring theoretical {yawn} worst-case-scenario computer virus now called a flash worm.
04:45 Panel moderator Carey Nachenberg (Symantec):
Okay. (Sorry, we had another comment where? Okay, right here. Sorry.)
04:50 Klaus (last name unknown, affiliation unknown):
My name is Klaus, and I would say, if we get a threat with a buffer— like a buffer overflow attack, we would work with the [unknown] XP, which [is] probably in a large part of every computing, everything in [the] company. If someone [were to] think of an interesting payload in that scenario, I think that we could get a major critical [unknown]. And we have seen security flaw[s] in the operating system and it— before, which has been patched, so probably it hadn't happened. And that's just one possible scenario.
05:26 Dmitry Gryaznov (Network Associates):
It doesn't even take a new [unknown] vulnerability; it doesn't take a new major buffer overflow or whatever. All it takes is actually several dozen thousands of trojanized computers, and it's— this is actually the way the bad guys are kind of heading today. And I'm surprised really what would be their target, like the [unknown], and all they [are] doing trying to [unknown] on people's computers: back doors and stuff. And if say, 10-20 thousand computers can just [unknown], all of them has a broadband [connection], imagine if all of those computers started, and [unknown] denial-of-service target against some site, that they can take any site down in a matter of minutes.
06:10 Nachenberg:
And before we go on, just a quick point, just so people know, an interesting point. Dow Chemical — anybody here from Dow Chemical? — Dow Chemical apparently did $1 billion in online sales last year. Just to give people an idea of what the impact might be. Okay? (Frederick?)
Irony, anyone? Gryaznov described exactly what happens when virus hysteria sweeps the globe. Millions of panicky users swamp Network Associates & Symantec when everybody tries to update their antivirus software at the same time. (Correct me if I'm wrong, but ... if a cyber-terrorist wanted to take down all antivirus websites "in a matter of minutes," he could simply pre-announce a diabolical new virus and wait for antivirus vendors to whip the media into a frenzy. Reporters would convince users to hit their auto-update buttons all at once and a global distributed-denial-of-service attack would cripple the antivirus vendors. Right?)
So Gryaznov insists cyber-terrorists can achieve their goals by hijacking "several dozen thousand" servers. My, my. Code Red owned several hundred thousand high-bandwidth web servers in mid-2001 thanks to an exploit Klaus fears so much. Ironically, many Code Red victims relied on Gryaznov's latest & greatest antivirus software! Tsk, tsk.
Let me be the first to offer future condolences to Network Associates' entire customer base.
OKAY, FOLLOW ME on this. White House fearmonger Richard Clarke claims the Enron atrociNimda virus caused over $2 billion in damages. Gryaznov insists cyber-terrorists can knock any site offline "in a matter of minutes," and moderator Carey Nachenberg (Symantec) said Dow Chemical does roughly $1 billion in online sales each year. So if we can take Dow Chemical offline in a matter of minutes — and if we can keep Dow Chemical offline for two solid years...
"Impossible," you say? Think again! A lone cyber-terrorist with rudimentary computer skills forced 6% of the U.S. Department of the Interior offline for months now. Months, I tell you! He typed a few commands on a computer keyboard and poof! FBI NIPC exists to protect the continuity of the U.S. government, yet they twiddle their thumbs day after day while Interior's computers remain crippled.
If a lone cyber-terrorist with rudimentary computer skills can shut down a major chunk of the U.S. government for so long — then an elite squad of suicide hackers could easily disconnect a multinational conglomerate like Dow Chemical for two solid years. Right? I mean, if anyone can take out Dow Chemical, these guys could...

[continued in part 5: Beach balls and worst-case scenarios]