Read Fatal System Error Online
Authors: Joseph Menn
Tags: #Business & Economics, #General, #Computers, #Security, #Viruses & Malware, #Online Safety & Privacy, #Law, #Computer & Internet, #Social Science, #Criminology
220
hacking the Pentagon:
The
Time
article “Enemies at the Firewall” is at
www.time.com/time/magazine/article/0,9171,1692063,00.html
.
221
“ministries or international organizations”:
The GhostNet report, “Tracking GhostNet: Investigating a Cyber Espionage Network,” is available at
www.scribd.com/doc/13731776/Tracking-GhostNet-Investigating-a-Cyber-Espionage-Network
221
a broad and distinguished group was so concerned:
A copy of the letter is at
www.uspcd.org/letter.html
.
221
Congress did authorize hundreds of millions:
Through the Cyber Security Research and Development Act of 2002, aimed mainly at the National Science Foundation. Actual appropriations were handled separately, but the bill didn’t envision developing a new Internet architecture. The “mixed” comment comes from a 2003
Frontline
interview at
www.pbs.org/wgbh/pages/frontline/shows/cyberwar/interviews/saydjari.html
.
222
“trying to figure it all out”:
Schmidt interview, along with interviews of many security company executives.
222
according to Conzress’s Government Accountability Office:
The GAO report is at
www.josephmenn.com/FatalSystemError
. See also a critical report by the DHS’s inspector general posted there.
222
cut off all Internet access for a time:
According to congressional testimony.
222
would have been ten times worse:
According to a person at the meeting.
223
raised their hands:
The author was in attendance and interviewed Dixon later.
223
“global jihad”:
The CSIS report is available at
www.josephmenn.com/FatalSystemError
.
224
“strategic national asset”:
A transcript of Obama’s speech is posted at www.j
osephmenn.com/FatalSystemError
.
225
boasting of the attack on an IRC channel:
Adelson saw the transcript. The teen was not arrested.
226
the billing address assigned to those cards:
Interviews with multiple people involved in the case.
228
said Steve Santorelli of Team Cymru:
Santorelli interviews.
228
“foundation is there”:
Interviews with Henry. Others were skeptical of serious progress, noting that the arrests had not been publicized.
229
more urgency in developing offensive cyberweapons:
This comes from interviews with top defense cyber officials and advisors. In general, the New York Times has been providing good ongoing coverage of the development of offensive cyberweapons.
230
$140 billion the previous year:
Blair’s testimony came in a February 12 hearing on “current and projected national security threats.”
231
the SANS Institute:
Paller interviews.
232 spam
droppedby
10 percent: Interviews with Armin, McQuaid, and spam researchers. The two Armin reports are reproduced at
www.josephmenn.com/FatalSystemError
.
233
gave Belize as its base:
Leibowitz interview and documents from
Federal Trade Commission v. Pricewert,
U.S. District Court in San Jose.
233
he only dealt with over ICQ:
Law enforcement interviews.
234
credit card fraud and forgery:
Krebs’s stories appeared at
http://voices.washingtonpost.com/securityfix/2008/09/estdomains.html
and
http://voices.washingtonpost.com/securityfix/2008/09/estdomains_a_sordid_history_an.html
.
234
The potential for bad publicity reached Eastern Europe:
The
Financial Times
account is at
www.ft.com/cms/s/0/a95420aa-8545-llde-9a64-00144feabdc0.html
.
235
computer security research:
The National Academies made one such plea at book length,
www.nap.edu/catalog.php?record_id=10274
.
236
top twenty-five mistakes:
The SANS report is posted at
www.sans.org/top25 errors/
.
237
quadrupled in the previous six months:
Jim Lewis interview.
237 focus on it:
This idea originates with Gartner’s Litan.
238
any government involvement must come with oversight:
The NSA has the capability to scan all Internet traffic entering the U.S., weeding out at least DDoS attacks and possibly more, but that might require new legislation because of laws against domestic spying. The
Wall Street Journal
has covered the issue well in places such as
http://online.wsj.com/article/SB124657680388089139.html
.
239
the version ready for prime time:
Interviews with Cerf.
240
“real progress”:
Interview with McConnell.
243
insufficient evidence to proceed:
Interview with a U.S. law enforcement source.
b249
stop letting it use the Manas air base:
This decision was later reversed.