| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: junkmail at barnowl.com (Rob Rosenberger)
Subject: Electronic Jihad on August 26, 04 ??
Vmyths.com Virus Hysteria Alert
Truth About Computer Security Hysteria
{25 August 2004, 01:20 CT}
CATEGORY: Dire predictions of a cyber-war or cyber-terrorism
Russian news site MosNews.com has reported "terrorists will paralyze the
Internet on August 26" (this Thursday). The story cites virus experts
Alexander Gostev and Eugene Kaspersky, both who work for Kaspersky Labs, a
large Russian antivirus firm. MosNews ran the story under the headline
"Russian Computer Expert Predicts Internet Terrorist Attack."
MosNews.com story (English):
http://www.mosnews.com/news/2004/08/24/internetend.shtml
The web page address includes the phrase "internetend" -- an obvious
reference to the end of the Internet as we know it.
Vmyths dismisses this "Internet Terrorist Attack" story as baseless
hysteria, for numerous reasons explained below.
It appears MosNews derived their story from a newswire published by
Lenta.ru, which may have derived their own story from a Novosti newswire.
In other words, it's "hand-me-down" news, and this is a systemic problem in
computer security. Reporters will often quote each others' stories as their
main sources of information. Worse, these stories originated in Russia,
where many news agencies have dissolved into sensationalist tabloids since
the breakup of the Soviet Union.
Speaking directly to Novosti's reporters, Gostev supposedly claimed "the
United States and Western Europe will suffer from the attack" on Thursday,
while Kaspersky supposedly "reminded that similar attacks had earlier
paralyzed [the] Internet in South Korea. He added that it would be
'impossible' to stop terrorist organizations if they 'get down to
business.'"
As expected, the Novosti newswire described the cyber-terrorists as
"Islamic" fundamentalists who declared Thursday a day of "electronic jihad."
Gostev and Kaspersky claimed they learned about the cyber-terror attack from
data "published on specialized sites," and Gostev admitted "it is difficult
to say how true this information is." Statements like this raise a RED FLAG
at Vmyths. We believe the men studied messages left by narcissistic
braggarts, not Islamic cyber-warriors. Vmyths has seen NO objective
corroborating evidence for an Internet armageddon in the near future.
Narcissistic braggarts have a notorious habit of (1) declaring an attack
date and then (2) failing to show up for duty at the appointed time. One of
the most hilarious examples of this took place in 1997; see
http://Vmyths.com/hoax.cfm?id=28&page=3 for details.
According to Novosti, Kaspersky concluded by saying "it is ghastly enough
that these people have mentioned 'electronic jihad' for the first time."
Kaspersky is clearly mistaken if the newswire quoted him in context.
Hackers and the media have used this exact term for years; a Google search
returns 500+ matches. Israel's Jerusalem Post newspaper used a similar
term, "virtual jihad," four years ago. mi2g (a well-documented fearmonger)
has issued predictions over the years for electronic jihads which have NEVER
come to pass.
Remember this when virus hysteria strikes:
http://Vmyths.com/resource.cfm?id=31&page=1
MosNews quoted Lenta.ru, which quoted another virus expert, who insisted
"Kaspersky Labs has been foretelling the doomsday for a long time." Vmyths
agrees they occasionally sensationalize threats -- but a global cyber-terror
prediction seems highly out of character for them. And the Kaspersky.com
website so far offers no special news/advice for its clients. The Novosti
newswire oddly claims Kaspersky Labs "will be switched over to the 'yellow'
danger level" on Thursday, but this, too, seems highly out of character for
the antivirus firm.
For all of these reasons, Vmyths dismisses this "Internet Terrorist Attack"
story as baseless hysteria.
Vmyths assumes Alexander Gostev & Eugene Kaspersky were quoted out of
context -- but we don't know HOW MUCH they were quoted out of context. This
may be an example of a "worst-case scenario briefing" gone awry. (See
http://Vmyths.com/rant.cfm?id=540&page=4 for more on this subtopic.) We
asked Kaspersky Labs to comment on the Russian news stories and we'll
publish their response as soon as we get it.
Unfortunately, the global media has a FETISH for "end of the Internet"
stories. Vmyths predicts the following:
(1) On Wednesday, news outlets around the world will report the Novosti
newswire (and stories derived from it) without question. A sensationalist
reporter might even link cyber-terrorism to the breaking news of two Russian
jetliners that just crashed. "Did Islamic hackers take over the cockpits?"
(2) On Thursday, a few news outlets will acknowledge the prediction
flopped.
(3) On Friday, reporters will dump the story as a non-event.
The SANS "Internet Storm Center" (http://isc.sans.org) currently reports a
"green" status for the Internet. SANS "predicts that the Internet will not
vaporize into a cloud of nothingness this Thursday, but if it does, it's
been our pleasure to help stave off its inevitable annihilation this long."
Vmyths applauds SANS for its sense of humor.
Don't bet on an Islamic cyber-attack this Thursday. Stay calm. Stay
reasoned. And stay tuned to Vmyths.
Rob Rosenberger, editor
http://Vmyths.com
Rob@...ths.com
(319) 646-2800
Acknowledgements:
* Cory Altheide (SANS), for URLs to Russian news stories
* Confidential source, for the Novosti newswire
CATEGORY: Dire predictions of a cyber-war or cyber-terrorism
--------------- Useful links ------------------
Common cliches in the antivirus world
http://Vmyths.com/resource.cfm?id=22&page=1
False Authority Syndrome
http://Vmyths.com/fas/fas1.cfm
Powered by blists - more mailing lists