Tip of the Iceberg
While examples of cyber-crime aboundfrom database theft to Nigerian banking scams to the rigging of online gambling to worm attacksno current or former government officials, no law enforcement officers and no security experts interviewed for this story could cite a single example of cyber-terrorism. "There havent been any at all, to my knowledge," said Howard Schmidt, chief security officer at eBay Inc., in San Jose, Calif., and former chairman of the Presidents Critical Infrastructure Protection Board and one of the first dedicated computer crime investigators in the country, first with local law enforcement in Arizona, then with the FBI and later with the Air Force Office of Special Investigations. "I actually refrain from using that term [cyber-terror]."Clarke, for one, sees the threat of cyber-terrorism as a serious concern for the United States. "What we see today is just the tip of the iceberg in terms of whats possible, especially if a nation-state wanted to get in on this," he said. "As long as these things are possible, we run the risk that someone will do them." And while other observers claim terrorist groups are using the Internet mainly for communications and fund-raising, Washington insiders insist the government is not sitting by idly awaiting a strike. "Cyber-crime is an alarming trend and one were actively [focused on]," said Amit Yoran, director of the National Cyber Security Division at the Department of Homeland Security, the nations top cyber-security post. "Its a huge issue. The Department of Justices top priority is this. Were trying to build a threat-independent approach to protection. We dont care if its a terrorist or a kid. If theres an impact, thats what we care about." Yoran said that relatively little data on cyber-crimes is flowing between the different departments and agencies in federal, state and local governments but that efforts are under way to change that. Another problem, he said, is the naivete of most Internet users. "I think theres a lack of general awareness among consumers about how vulnerable they are," Yoran said in Washington. "The issues right now are overly complex, and the government has to simplify it." Donna Getgen might agree, although it doesnt offer her much comfort. No fraudulent activity was found involving her debit card account in March, and the Digital Federal Credit Union, in Marlborough, Md., went ahead and canceled the card and was in the process of issuing her a replacement by the time she received the letter. But Getgen is still distressed by the incident. "I really have lost trust," said Getgen. "I havent been back to BJs since this happened, and I dont intend to go back. If I did, it would be on a cash basis only." Check out eWEEK.coms Security Center at http://security.eweek.com for the latest security news, reviews and analysis.
Thats not to say the possibility doesnt exist for a concerted, targeted attack to bring down a critical banking network, utility grid or other vital system.