Spies Among Us
by Ira Winkler
GLENN: So last week we had an author of a fiction book called Daemon and it's actually, the author, this is his first novel. He self-published it. He's an Internet guy and he's been reading the warnings of, you know, cyber attacks and everything else and he's like, the government just doesn't even know how easy this is. And so he wrote this novel called Daemon, he self-published it and it became a big hit in the Internet world and now it is on the best seller list and it was released last week, et cetera, et cetera. We had him on. It was on Wednesday. And he said, "You have to pay attention to botnets," and he explained what they were and he showed how easy and how everybody's personal computer can be linked together and do really vicious things. And he said, it's only a matter of time before it comes.
Then last Friday this was in the New York Times. A new digital plague has hit the Internet affecting millions of business and personal computers in what seems to be the first step of a multistage attack. The world's leading computer security experts do not yet know who programmed the infection or what the next stage will be. Known as Conficker, it is spread by a recently discovered Microsoft Windows vulnerability guessing network passwords and by hand-carried consumer gadgets like USB keys. If you are looking for a digital Pearl Harbor, we have the Japanese ship steaming toward us on the horizon. In a separate story, cyber attack on U.S. banking system more dangerous than 9/11. A top U.S. intelligence official said that a cyber attack on U.S. banking systems could be several times more damaging to the country's economy than the twin tower attacks by September 11th, 2001. Instead of attacking the twin towers, Al-Qaeda had taken down a major bank, the economic consequences would have been an order of magnitude ten times greater than the economic consequences of 9/11. I don't say the personal physical damage of 9/11. The information that we create electronically.
All right. Ira Winkler is on the phone. He's the author of Spies Among Us, he is also an Internet security expert, to kind of explain what this is. As of Friday, Ira, they didn't know what this, quote, digital plague was. Do we have any idea what it is at this point?
WINKLER: Well, we've seen this again and again over the last probably at least over the last seven or so years. We've had different versions of worms since 1986 or so. So we've seen this again and again and again. This is just the latest version of it, you know, what it seems to be -- and again just judging by its actions and what it does, it seems to be a resurgence of the group called the Russian Business Network and a few other people who had botnets that were basically taken down a couple of months ago when a group of researchers got together with some ISPs and had them take the McColo Internet service provider off the line because McColo Internet service provider based out of San Diego ironically was hosting the botnet controllers for a variety of other systems and what happened was they were taken off the line, the controllers couldn't get at all the botnets and that left their networks down. So apparently what happened was researchers back in October found a new computer vulnerability and what they did was they just decided to publish the hell out of it and tell everybody how to exploit it and now what's happened is these botnet herders went ahead, are exploiting that known vulnerability by creating this new worm which is now spreading itself from computer to computer to computer which I think is --
GLENN: Okay. If I'm not mistaken, the computer system that was taken down -- and a lot of this is way over my head -- that was taken down in San Diego, that was a for-profit, that was spam, right?
WINKLER: It was primarily spam but it was used for a lot of criminal purposes. They had things on -- you know, they had child pornography. Spams, everybody thinks they are just advertisements. They are not advertisements. They are criminal efforts to gather credit card numbers because there are people who are -- you know, people say naive. I would rather say stupid enough to think that you can get drugs for a penny a pill. And they give their credit card numbers to these things and they never get their pills and they are too stupid to admit it.
GLENN: Hold it. That's -- wait a minute. That was a scam? Okay, so Ira, you believe that -- because they are saying this is bigger than that other big worm that came out in 2003. I'm trying to remember. What was the name of that?
WINKLER: That was Melissa as one type of virus, there was --
GLENN: They are saying -- the point is they are saying that this is a huge one but you're not so sure?
WINKLER: Well, no, I know it's huge. I mean again, you know, different studies, anywhere from 6 to 13 to 20% of PCs are being infected by this. And this does give somebody massive computing power to do whatever they want with. So far we've only seen primarily profit motivation through these type of botnets because frankly, I mean, everybody gives all these credit to terrorists but they are not as smart as we would like -- as people like to think they are. Potentially they are done by nation states like the Russians, the Chinese or whatever, but they tend to be more covert, and it's the people with the profit motive, for example a lot of the former Eastern Bloc computer specialists go into computer crime because it's the easiest way to gather money from around the world.
GLENN: Okay. So Ira, what would it take -- I mean, could you go after a bank and what kind of debt -- could you -- if somebody wanted to take us down, could they go out and wipe all of the 1s and 0s out of the banks?
WINKLER: I frankly think not. I mean, it would have to be a very, very long-term effort. It's not going to happen with these botnets. You have to infiltrate the bank's computer systems, you have to do a wide variety of activities, and it's just not going to happen this way.
GLENN: So then what are we worried about with the botnets? Why are they saying -- I mean, I'm reading the stories over the weekend on this thing and they are all hair-raising. What is the worst thing these botnets could do then?
WINKLER: Theoretically the botnets can cause what I consider a lot of tactical damage. Now, there's a difference. Pearl Harbor was a strategic attack. It knocked out the entire U.S. military infrastructure in the Pacific, or a large portion of it. It takes six months to a year. In that case it took two years to rebuild this. In the case of these botnets, the reality is that the banks have lots of good backup systems and things like that, and you can knock their computers off the line.
GLENN: What about our grids? What about our grids?
WINKLER: The power grids again you can probably knock them off the line. There are ways of potentially causing -- I'm just laughing because I gave a presentation a while ago and had five federal agents show up at my house on how to take down the power grid.
GLENN: Okay, don't spread that information, Ira.
WINKLER: But, yeah, you can go ahead and create cases of damage, but that doesn't occur necessarily because of the botnets, which are good for creating what's known as denial of service attacks where you basically have a computer and you flood it with data.
WINKLER: And that has the effect of like basically -- you know, if everybody yells at you at the same time, you can't hear the important stuff. That's what, you know, a denial of service attack is. In this case in order to knock -- you can do that and possibly have effects on the power grid for a week, maybe a month. That is going to be -- that is going to be again a tactical attack.
GLENN: All right.
WINKLER: It's not going to be a Pearl Harbor attack.
GLENN: Ira, thank you very much. We'll talk to you again. We have more and your phone calls coming up next. By the way, Ira Winkler, the name of the book is Spies Among Us.