Reno, FBI feast on bad network security

Manna from Heaven shows why FIDNET is so important....

The recent spate of high-profile distributed denial of service (DDoS) attacks comes as a blessing to US Attorney General Janet Reno and her Justice Department, which only this week requested a $37 million increase in funds for cyber crime fighting. Because DDoS attacks have been automated to an extent that allows any imbecile with a Linux box to take out large swaths of Internet infrastructure, few exploits could have argued so effectively for increased vigilance by the Feds. For Reno, whose ambitions apparently include assigning a personal FBI agent to every US citizen, it was the political equivalent of Manna from Heaven. "To keep pace with cyber criminals in the new Millennium...we have set up a system through the National Infrastructure Protection Center (NIPC) to better coordinate with private entities to ensure that cyber crime is promptly reported to law enforcement," Reno declared during a Washington press conference dealing with the recent DDoS attacks. But there is work yet to be done. "We are committed to taking steps to ensure that e-commerce remains a secure place to do business," she noted. We were left to speculate about just what those "steps" might involve. She appeared confident, but we were not. The very nature of the Internet makes it impossible for the Feds to patrol cyber space effectively, at least without inserting themselves to an extent that almost anyone would regard as a nuisance. Furthermore, the sorts of security measures that business would have to employ to secure itself as Reno wants, and from DDoS attacks in particular, would be a hindrance to commerce. For a Web site, filtering comes at the expense of customer access. For an ISP, it comes at the expense of subscriber services. Any way you slice it, it comes at the expense of revenues. And filtering or not, if a box is connected, regardless of how well it may be defended, it can be hacked. Reno doesn't get it: companies that can't afford to take any risk with their data simply don't belong on-line. The others will always have to live with some risk. After reading her statement, Reno was immediately ushered off stage in a gesture reminiscent of James Brown leaving the house, presumably to spare her the embarrassment to come, which was borne instead, and most heroically, by FBI Computer Investigation Section Chief Ron Dick. Journalists wanted to know who might be behind the attacks. The Feds had no idea, Dick allowed. They wanted to know why such an attack had been launched; which operating systems had been compromised; where the attacks had originated; how many clients were involved and where they were located; whether or not a hostile foreign government might have been involved; and whether Y2K remediation efforts might have enabled the installation of DDoS tools on so many boxes. Dick didn't know. FBI officials don't appear to know much of anything, except that they desperately need heaps more money, and that Western Civilisation desperately needs their increasing intervention in all matters digital. Indeed, it was such a good setup for DoD that conspiracy paranoiacs will soon be claiming that the FBI conducted the attacks themselves, to justify increased spending and increased intervention in Net-related law enforcement. "This was the kind of thing we hoped would never happen, but it did," Dick said. And this is why we need lots more money, and a network monitoring scheme called FIDNET, the subtext reads. ®

Sponsored: How to determine if cloud backup is right for your servers