It has been repeatedly demonstrated so often that
it has become an empirical fact - every computer system and every computer
network is highly vulnerable to cyber-crime attacks.
"Given
the ubiquitous vulnerabilities in existing commercial off-the-shelf software,
intrusions into critical [computer] systems are inevitable
for the foreseeable future."
Source: Report on Cyber Security, by the FBI to
the U.S. House, August 29, 2001 and April 5, 2001. Underline added, [
] Inserted.
Point: Report Credibility- public
release of an FBI report to the U.S. House of Representatives! Notice
even highly secure government and military computer systems are “Vulnerable
to Intrusion” by a cyber-criminal!
A
red team, put together by the [U.S.] intelligence community in
1997, pretended to be North Korea cyber-attackers. Some 35 men
and women specialists, using hacking [cyber-crime attack] tools
freely available on 1,900 available Web sites, managed to shut
down large segments of America's power grid and silenced the command
and control system of the Pacific Command in Honolulu. The
[U.S.] Defense Information Systems Agency (DISA) launched some
38,000 attacks against its own systems to test their vulnerabilities. Only
4 percent of the people in charge of targeted systems realized
they were under attack and of these only 1 in 150 reported the
intrusion to superior authority.
Source: Center for Strategic and International
Studies, Panel Report, Nov 1998. Underline added; [ ] Inserted.
Point: If
cyber-criminals can easily enter the U.S. Department of Defense’s
computers and completely silence the U.S. Military's Pacific Command;
if they can take control of our nation’s major power utilities'
computer systems and shutdown large segments of America's national
power grid; do you have any doubt that a dedicated team of professional
cyber-criminals can enter any organization's or individual's computer
system, (including your organization’s computer systems), and
steal cash and other protected information!
A small group of cyber-thieves broke into approximately
60 military and government computer systems and several state
of Texas owned computer networks.
Source: Ottawa Citizen- Jan 20, 2002. Underline
added.
In
February 2000 a lone cyber-criminal successfully penetrated the
computer systems at Patrick Air Force Base, Florida, Fort
Monmouth Army Base, Kentucky, Fort Leonard Wood Army Base,
Missouri, and Fort Campbell Army Base, Kentucky.
Source: New Hampshire Attorney General
Press Release, March 9, 2001. Underline added.
Cyber-criminals
and alleged terrorists broke into the U.S. General Accounting Office
(GAO) computer systems. The attacking group is known as Anti
India Crew, which is part of a cyber-criminal/terrorist coalition
calling itself the Al-Qaeda Muslim Alliance. Other reported
members include the Gforce Pakistan and the Pakistan Hackerz Club.
Source: Newsbytes, Dec 10, 2001. Underline
added.
A
cyber-thief broke into the computer networks of eBay,
Exodus Communications, Qualcomm, Juniper Networks, ETrade, Lycos
and Cygnus Support Solutions.
Source: InfoSec News, Jan 30, 2002.
Underline added.
Successful
cyber-crime attacks have occurred at Amazon.com, Microsoft,
Yahoo, eBay and CDNow.
Source: InfoSec News, Feb 19, 2002. Underline
added.
An
elite group of experienced hackers warned the U.S. Congress
that computer security is so lax that they could cut the
entire nation off from the Internet in less than 30 minutes and
could keep the global network disabled for days. They stated
the Internet is based on 20-year-old technology and that every
computer connected to it is an available access point and a weak
link in cyber-crime protection.
Source: The New York Times, May 20,
1998. Underline added.
These cited reports are consistent
with the prior cited FBI report to the U.S. House of Representatives,
which expressed the professional opinion that NO computer system is
exempt from a cyber-crime attack!
