Cyberterrorism Threat Hyped?

See allHide authors and affiliations

Science  08 Jan 1999:
Vol. 283, Issue 5399, pp. 139
DOI: 10.1126/science.283.5399.139b

Cyberterrorism could bring the country to its knees unless security agencies are overhauled to cope with the threat, warns a new report from a Washington, D.C. defense think tank. But some observers call the report the latest in a wave of hype that misrepresents the problem of computer security.

Ominously titled “Cybercrime, Cyberterrorism, Cyberwarfare: Averting an Electronic Waterloo,” the report made a media splash when it was released last month by an expert task force of the Center for Strategic and International Studies (CSIS). It's packed with scary anecdotes showing how the threat of “information warfare” is growing—from terrorist Osama bin Laden's encrypted messages sent by laptop, to a 16-year-old English hacker's 1994 crashes of “some 100 U.S. defense systems.” The report calls for steps such as a presidential directive requiring a review of cybercrime policies across agencies and a “new breed of [intelligence] analyst” recruited from “odd cybergeek gangs.” “The fact of the matter is, our community is not equipped,” says CSIS's Frank Cilluffo.

“There's a real problem, but it's not necessary to make the case with all these lurid examples,” says John Pike of the Federation of American Scientists. George Smith, editor of Crypt Newsletter, adds that the CSIS report repeats myths and exaggerations—for example, he says the 16-year-old (and a partner) didn't break into any classified systems and got as far as they did only because Air Force computer scientists allowed it so they could learn from the attack. “It ratchets up the level of paranoid hysteria and undermines the real education and work in this area,” Smith says.

The real security concern is civilian networks, contends Pike, because they are much easier to crack than military ones. Their weaknesses, he says, are such basic things as the fact that the most common password for gaining access to a system is … well, “password.”

Navigate This Article