ACM TechNews is intended as an objective news digest for busy IT Professionals. Views expressed are not necessarily those of either Gateway Inc. or ACM.
To send comments, please write to [email protected].
Volume 3, Issue 254: Wednesday, September 19, 2001
- "The Terrorists Are Winning the Cyber War"
Los Angeles Times (09/19/01) P. A7; Piller, Charles; Wilson, Dave
Cyberterrorism experts warn that the nation's intelligence agencies are losing ground to their enemies online. Advances in technology have outstripped the abilities of agencies to keep up. One of the most criticized groups is the National Security Agency, which is responsible for monitoring communications outside the United States and filter it for possible terrorist information. However, terrorists have made use of encryption technology and an ever-expanding Internet and agents cannot keep up with the growing workload. In addition, the NSA's bureaucracy hampers its ability to stay on the cutting edge of technology or to revamp its structure to better deal with terrorists. Others say that increased cooperation between agencies and private sector companies could solve more problems than the $40 billion antiterrorism bill recently approved. Meanwhile, terrorist groups brazenly collect money on the Internet for their causes, and are suspected to have been behind breaches in Defense Department networks and other critical infrastructure systems. In 1998, for example, hackers broke into NASA's Jet Propulsion Laboratory to research air traffic control systems and data on stealth bombers.
Click Here to View Full Article
- "Lawmakers to Scrap Tech Agenda"
InternetNews.com (09/18/01); Fusco, Patricia
Congress, in an effort to respond swiftly to last week's terrorist attacks, is likely to pass over several technology issues. Among the items most likely thrown off the agenda are the E-Government Act of 2001, Platform for Privacy Preferences Project, and the controversial Tauzin-Dingell bill, which would deregulate the DSL market. Over 30 tech-related bills are now pending in Congress, but few are expected to get much attention at this point. Other prominent bills include the National Digital School Districts Act, designed to promote technology use in schools; and the Rural America Technology enhancement Act of 2001, which is intended to boost rural IT jobs, teleworking, and small business use of the Internet. Technology companies, fearful of government meddling in their industry, are generally happy about the situation. However, extending the ban on Internet taxes, due to expire on October 21, is still a priority for many firms. Congress is expected to pass federal appropriations bills, but perhaps not much else before adjourning and heading home by Halloween, writes Pat Fusco, who says not extending the Internet tax ban could be disastrous for the Internet industry.
- "Sweden Tops List of Knowledge-Based Economies"
Financial Times (09/19/01) P. 9; Marsh, Peter
Sweden is the country with the most knowledge-based economy in the world, according to a report by the Organization for Economic Cooperation and Development (OECD). Swedish knowledge activities investment in 1998 accounted for 6.5 percent of the gross domestic product, according to the study. The United States came in second with 6 percent, followed by Korea and Finland with 5.2 percent each. Across the 30 countries covered by the OECD study, investment in knowledge activities in the 1990s rose at an average annual rate of 3.4 percent, while fixed capital investment rose 2.2 percent annually; this indicates a 50 percent faster growth rate in knowledge activities investment. Knowledge activities include research and development, higher education, and software. Switzerland scored the highest in terms of knowledge-intensive manufacturing and services, with 36 percent of its GDP in 1998. The report concludes that knowledge creation, dissemination, and exploitation "is increasingly central to competitive advantage, wealth creation, and better standards of living."
- "New Internet Worm, 'Nimda,' Is Cause of Latest Cyber-Infection"
Investor's Business Daily (09/19/01) P. A6; Howell, Donna
A new computer virus called Nimda could be the biggest and most sophisticated infection to date. It broke out one week after the terrorist attacks on Sept. 11, but U.S. Attorney General John Ashcroft says there is no apparent connection. Unlike Code Red, which scans for computers with one particular flaw in their Microsoft server software, Nimda has 12 to 16 security holes to choose from, says Central Command product manager Steven Sundermeier. The Nimda infection can spread in a variety of ways: As an email attachment labeled "readme.exe;" by commandeering machines it has contaminated to scan for other vulnerable systems; by infected HTML email and Web pages; and through shared network drives. Users of certain versions of Microsoft Internet Explorer and Microsoft Outlook email, both at home and in companies, are at risk of being infected. Nimda's proliferation is slowing down some Internet traffic, and Sundermeier says that major corporations are already being affected.
- "Terrorists' Online Methods Elusive"
Washington Post (09/19/01) P. A14; Cha, Ariana Eunjung; Krim, Jonathan
Last year, a federal official at a closed congressional hearing said, "Middle East terrorist groups--such as Hezbollah, Hamas and Osama bin Laden's organization--are using computerized files, email and encryption to support their organizations." Government agencies believe bin Laden's group orchestrated the attacks in New York and Washington via encrypted Internet communications. To help ascertain what messages they were sent, the agencies are engaging the services of computer experts. Steganography is one such method that federal agents believe bin Laden's group uses. It involves the embedding of messages within graphics, email headers, and other digital files. Since the attacks, Sen. Judd Gregg (R-N.H.) has recommended that software developers hand over the "keys" to the encryption programs they create to government security agents, but opponents are worried that such a requirement could lead to the violation of many innocent computer users' privacy. Encryption technology creator Phil Zimmermann suggests that a more practical solution is to dig deep into the terrorist organizations through investigation rather than rely on surveillance technologies.
- "Tech Firms Jump In to Help"
USA Today (09/19/01) P. 3B; Iwata, Edward; Swartz, Jon
Technology vendors stepped in soon after the initial plane attack on the World Trade Center to help companies housed there. Workers from Cisco Systems, IBM, Microsoft, Sun Microsystems, SunGard, and other companies quickly rallied to get systems back up and to relocate displaced workers to temporary offices. Sun shipped 10 truckloads of equipment to the New York area filled with computer hardware and software, and dedicated 1,500 workers to helping clients crippled by the tragedies. SunGard, a disaster recovery firm, helped get one company's network up just hours after the attacks, working from data tapes escaped employees had brought into their offices. Hewlett-Packard plans to supply up to 65 firms with new equipment, including one company that is requesting 4,000 PCs and 400 servers. After the crashes, Microsoft technicians quickly went to work on the trading networks that are linked to the New York Stock Exchange and succeeded in getting them online by Monday morning, when trading resumed.
- "U.S. Recovery: U.S. Commission Examines Cyberterrorism"
InfoWorld.com (09/18/01); Garretson, Cara
A special panel assigned to study the nation's ability to respond to terrorism said it will accelerate its schedule in order to release its recommendations ahead of its December deadline. Virginia Gov. James Gilmore heads the national advisory panel, which is now issuing its third report to study the responsiveness of the medical infrastructure, U.S. border security, and state and local governments in the event of a national terrorist attack. The National Advisory Panel to Assess Domestic Response Capabilities for Terrorism will examine cyberterrorism issues as well. But Gilmore says they are unlikely to recommend any specific technologies, actions to regulate the Internet, or any measures that would infringe on citizens' civil liberties. The report will instead evaluate how the nation would have to respond in case its communications infrastructure was attacked.
Click Here to View Full Article
- "Robots Scour WTC Wreckage"
Wired News (09/18/01); Kahney, Leander
Experimental robots have been recruited to search for bodies in the rubble of the collapsed World Trade Center. This is the first search-and-rescue mission that has employed robots. Teams from Colorado and the University of South Florida are coordinating the searches, under the respective leadership of retired Marine Lt. Colonel John Blitch and roboticist Robin Murphy. Blitch's team is using semi-autonomous military reconnaissance robots that were previously classified. Carnegie Mellon University roboticist Howie Choset says the machines are based on Urbie, a remote-controlled mobile unit that can travel over rough terrain while relaying a variety of data to its user through assorted cameras and sensors. Urbie can also be equipped with a microphone to communicate with survivors. Murphy's team is deploying semi-autonomous marsupial robots that consist of a "mother" machine that sends out a smaller "daughter" machine to probe through tight spaces. Some of the daughter robots are capable of changing their shape to bypass obstacles.
- "WTC Technology Replacement Costs Billions"
Computer Economics estimates that it could cost as much as $15.8 billion to repair the damage to the IT and communications infrastructure sustained in the terrorist attack that devastated the World Trade Center in New York. The communications infrastructure is expected to lose $6 billion in the long term. The research firm figures that $1.7 billion will be needed immediately to replace critical equipment and to maintain service continuity; $8.1 billion will be needed to purchase and replace the hardware lost in the tragedy and deploy telecommunications and data communications support. Computer Economics says that the reconstruction and development of the area over the next couple of years will determine how much it costs to repair and replace the lost or damaged capacity. The research firm also said, "It is likely that over 100,000 information intensive workers will be relocated to temporary and new permanent facilities."
Click Here to View Full Article
- "Encryption Technologies Draw Fire After Attacks"
PC World.com (09/17/01); Perera, Rick
Encryption tools are coming under attack from those that say terrorist groups could use them to secretly send messages over the Internet. Sen. Judd Gregg (D-N.H.) suggested that the nation's electronic intelligence have more access to encryption keys, such as the Pretty Good Privacy email encryption tool. Those in the encryption community were quick to condemn the suggestion, saying it would violate basic American rights. Sen. Gregg's aides later clarified that he was only looking for voluntary cooperation from companies. National Security Agency director General Mike Hayden says Osama bin Laden was fairly easy to track until about one year ago, when agents suspect he changed technologies that evade normal eavesdropping devices. Though this could mean encryption, many experts insist bin Laden could have moved to less sophisticated methods which are actually more difficult to track, such as using couriers or hiding messages in unexpected places on the Web.
- "Not Your Father's Shop Class"
Washington Post Magazine (09/16/01) P. 34; Pino-Marina, Christina
High schools in the Washington, D.C., metropolitan area are combining academic studies and vocational programs in the form of career academies, which increasingly have a heavy presence in information technology training. Although many of the students who participate in career academies are those who were once in vocational classes, IT programs are starting to attract students who take AP and gifted-and-talented classes. The programs in information technology are designed to offer students the practical skills needed to find IT jobs, and they also offer college credit. Although students have an opportunity to earn IT industry-sponsored certifications, the high schools do not consider the programs to be a substitute for college. As for the long-term impact of the IT certification programs, Christopher Dede, a professor of learning technologies at Harvard University's Graduate School of Education, says he is concerned that the training students receive could become obsolete by the time they graduate from high school, and adds that the quality of the teacher leading the classes could determine the value of the programs. Another expert added that the notion that students will find IT jobs that pay $30,000 to $40,000 out of high school is the equivalent of teenagers who dream of becoming the NBA's next Kobe Bryant. IT programs in schools have become a new market for the IT industry, which allows high-tech companies to sell IT curricula, certification tests for students and teachers, upgrades, and equipment. Some critics question whether the certification programs are more about business than philanthropy.
Click Here to View Full Article
- "Standards Body Pushes Accessibility Online"
CNet (09/17/01); Festa, Paul
The World Wide Web Consortium (W3C) released its preliminary recommendations for Web browsing designs friendly to the disabled. The latest round of recommendations from the W3C is the third in a series of guidelines, the previous two outlining rules for creating Web content and Web authoring tools. Suggestions include building sites so that users can navigate with the tab key instead of the mouse, as that creates problems for people with repetitive strain injuries and the visually impaired. The guidelines also propose that graphics use alternative text tags so that screen-reader programs will be able to interpret the images. Other accessibility standards have been suggested or mandated, as with Section 508 of the Rehabilitation Act which requires that U.S. federal government IT be accessible to the disabled.
- "Tracking Worker Whereabouts May Become More Common"
Los Angeles Times (09/18/01) P. C3; Girion, Lisa; Healey, Jon
The destruction of the World Trade Center and the subsequent loss of personnel may spur more companies to deploy systems designed to better keep track of their workers, according to crisis management experts. They say that traditional printed rosters are often outdated, do not account for employees' precise whereabouts, and are in danger of being lost in a disaster. One possible solution is to install wireless sensors throughout the office that read employee I.D. tags whenever they pass through a door. This releases employers from the problem of concentrating on who enters the office while overlooking who leaves. However, more precise worker location tracking means more sensors to be installed, a costly proposition. Furthermore, keeping the employee location database on-site risks its loss in the event of a disaster, while absolute certainty of employee identification requires sensors that can read extremely detailed personal information unique to each worker. In addition, increased worker monitoring could encroach on personal privacy.
Click Here to View Full Article
- "Technology's Role to Grow In a New World of Security"
New York Times (09/18/01) P. B1; Glaberson, William
In the wake of last week's terrorist attacks, national security measures are expected to become more stringent and technology-based. Kroll President Michael G. Cherkasky speculates that electronic identification cards that relay to computers detailed information about their bearers could become the standard, since the technology already exists. More electronic surveillance rights for law enforcement officials was a provision of one of several proposals put forward by Attorney General John Ashcroft on Monday. Other congressional proposals would ease computer wiretapping. Increased video monitoring and Internet surveillance and expansion of restricted airspace over major cities are other possibilities. Critics of such efforts are worried that civil liberties will be sacrificed in the name of security, but the courts may be arrayed against them, especially in times of war. Whatever restrictions may be applied, experts are certain that the adoption of security technology will grow as a result of the attacks.
(Access to this site is free; however, first-time visitors will need to register.)
- "Technology Has Potential to Spread Freedom in Africa"
SiliconValley.com (09/15/01); Gillmor, Dan
Many African countries are plagued by disease, poverty, and questionable governments, but technology promises to alleviate at least some of those problems. Because journalists are often pressured by repressive authorities if they report something critical, technology is a key tool to keeping them active. Fred M'membe, editor of The Post, Zambia's largest independent newspaper, made his paper one of the first in Africa to go online when the government stopped his presses several years ago. Technology is also helping bring more information into the country, even the remote areas. For example, missionaries that are far from normal sources of news get daily updates through email downloads on their satellite phones.
- "Tech Economy Might Get Some Jolts"
Associated Press (09/17/01); Bergstein, Brian
Tech companies providing consulting, networking, security, and videoconferencing equipment are likely to benefit as American businesses react to the recent terrorist attacks. Shares of security and data recovery companies soared as the markets opened again on Monday, although the indexes both fell sharply among worries of fatigued consumer spending. Even before the attack, consumer spending was flagging, but economists worry now that a drop in air travel will trigger further weakness. Tech firms that provide videoconferencing expect increased sales as companies opt not to fly workers around the country on business. Forrester Research analyst Carl Howe says consulting services companies that also provide security solutions will receive significantly more business as well.
- "Disaster Recovery's Core Component: People"
eWeek Online (09/13/01); Donston, Debra
People are the most important factor in disaster planning and recovery, say IT professionals. Currently, most disaster plans account only for loss of data facilities, not for a massive loss of staff, says Kevin Baradet, network systems director at the S.C. Johnson Graduate School at Cornell. Unless recovery plans include an organization's people, they are useless, he adds. Tom Miller, a senior director of IS, recommends that all companies reevaluate their business continuity plans to ensure provisions for people. Some plans may be too expensive for some firms, he says. Organizations should plan for the worst, advises Robert Rosen, director of information management at the U.S. Army Research Laboratory. To keep a business running, organizations must think about people in various aspects, he says. Plans are necessary to know where people are in a disaster, whether on-site or traveling, Rosen notes.
- "Stealth Care for Networks"
Newsweek (09/17/01) Vol. 138, No. 12, P. 70H; Benedek, Emily
Computer-security professionals now have a forum for sharing information on hacks of all types in the Honeynet Project. Lance Spitzner, senior securities architect for Sun Microsystems and a former U.S. Army tank officer, created the Honeynet Project in 1999. Instead of designing a machine to look like a regular computer in an attempt to entice hackers and record their every move, Spitzner staffs 30 computer-security professionals and a psychologist for the project, which features linked computers that are designed to give computer intruders the impression that they have accessed a regular computer network. Project participants essentially collect data on hackers, analyze attacks, and post their results at project.honeynet.org for colleagues and network administrators. The involvement of a psychologist should give computer-security professionals and network administrators a better understanding of the motives of computer hackers. The computer-security professionals hope Honeynet can help them develop a system that can warn network administrators of the likelihood of an attack. The Honeynet Project plans to publish its research this week in the book "Know Your Enemy." The project also plans to set up new honeynets that will make e-commerce sites, university computers, and hospitals appear as real targets to hackers.
- "The IT-CPO Link"
InfoWorld (09/10/01) Vol. 23, No. 37, P. 44; Alexander, Steve
The next crop of chief privacy officers may come from a company's IT staff instead of the more traditional legal, auditing, and consumer watchdog departments--especially in light of widespread public concern about privacy and increased focus among the media as well as federal and state regulatory agencies. The need for close collaboration between CPOs and IT departments is seen as essential. Privacy safeguards are rigorously implemented at AT&T thanks to a healthy relationship between CPO Michael Lamb and the IT staff. Lamb's legal background gives him insight into privacy law, but he maintains that the expertise of the IT department is also important. Meanwhile, Thomas Warga of New York Life Insurance has a stable IT footing through his experience as a programmer, but he also leverages his background as a corporate auditor to give privacy initiatives some weight through his position and his familiarity with management. Chief information security officer Steve Attias works closely with Warga, and observes that increasing exposure to privacy enforcement policies is paving the way for CPOs who come from the IT ranks. "I don't think the jump from data security to privacy is that big a leap," he argues.
© Copyright 2001 Information, Inc. This service may be reproduced for internal distribution.