U.S. Warns of Possible Cyber Biz Attack

mikesd81 writes "The AP has an article about a possible attack against the New York Stock Exchange via the internet by a radical muslim group. The notice was issued to the U.S. cybersecurity industry after officials saw a posting on a 'Jihadist Web site' calling for an attack on U.S. Internet-based stock market and banking sites in December, said Homeland Security Department spokesman Russ Knocke. Knocke has said: 'There is no information corroborating the threat and that the alert was issued as a routine matter and out of an abundance of caution.' There is no immediate threat to our homeland at this time. The attacks were to be conducted in December, 'until the infidel new year,' the site said, according to a U.S. government translation. It called for attackers to use viruses that can penetrate Internet sites and destroy data stored there. Spokespeople for the New York Stock Exchange and Nasdaq declined to comment on the cyber-terror threat."

blame the muslims

[nihaopaul (782885)]

seriously, is this new?

Re:

[Danga (307709)]

blame the muslims. Seriously, is this new?

Well if some of the radical muslim websites did indeed post information saying they wanted to carry out attacks like these then I think it is reasonable to keep an eye out for it. It is not like it is completely unfounded.

If a KKK website posted threats that they were going to group up in say Jackson, Mississippi and lynch some darkies this december would you think it would be stupid to beef up police forces and keep a close watch on what is going on for a while?

Re:

[tritonman (998572)]

I heard about this in a news report yesterday. They said "there is no evidence that this is a threat, but the government is reporting..." uh, no evidence? So wtf? Let's just try to scare some people around xmas so they can remember that we are here to protect them when nothing happens.

Advertising attacks?

[haluness (219661)]

How seriously can you take would be crackers who go around blabbing about an upcoming attack?

Sheesh, and the media just have to take it up. They even contradict themselves in the same paragraph!

Re:

[joe 155 (937621)]

I think we can largely take people who annoce these things before hand, its just like foreplay for them. They want the media to report on it (which they do - handy really) and they want people to know that they are considering doing it. Its just another tool for spreading fear, uncertainty and doubt.

Besides don't you think there could be a certain amount of l33t points (or some kind of jihad alternative) for saying your going to do an attack and them still being un-able to stop you... I'm assuming this

Re:Advertising attacks?

[truthsearch (249536)]

The intent of terrorists is to incite terror in order to bring about change. Terror can be spread without any actual attack. Just the fact that the government and companies are responding to a threat, plus the spread of this information through media, increases fear. Since we are listening the terrorists are successful to some extent, even without actually committing the cyber-attack.

Re:

[joe 155 (937621)]

but if they never commit the attack then people will no long belive them next time... I think they do need to at least have a go at it. Although you are right on the whole that the fear is a big part. I think with the brand of "islamic" terrorism though there maybe some part which requires an actual attack - maybe because of a percieved need to hurt someone or something, maybe because of the instruction from the people at the top.

Basically, I agree. But maybe they do want to do it aswell.

Re:

[Jah-Wren Ryel (80510)]

Basically, I agree. But maybe they do want to do it aswell.

Congratulations. You have been successfully terrorized.
Have a nice day.

Re:Advertising attacks?

[Jah-Wren Ryel (80510)]

When you get punched in the noce you have 2 choices, punch back and continue punching until the threat is GONE, or do nothing and accept the fact that it will continue to happen regardless of what action you take.

Bullshit. The world is not black and white and neither are your options.

Got punched in the face? Analyze the situation, figure out why you got punched in the face and take a-p-r-o-p-r-i-a-t-e action to reduce the chance of it happening again to an acceptable level. Maybe that means killing the guy punching you. Maybe it means using a different swing on the playground. Maybe it just means kicking the guy in the nads. Maybe it means calling your older brother over to intimidate the guy.

Whatever the case, your simplistic analogy has no place in the real world.

Make your choice, stick by it, and shut the hell up.

Yeah, because changing your mind in response to new information is just not macho. Grow up pequito.

Re:Advertising attacks?

[russ1337 (938915)]

Exactly,

If they were really serious they'd submit an article about taking down the stock exchange, and include a link to the stock exchanges webserver to have it Slashdotted...

It looks to me like mikesd81 is trying to take down excite.com. (why do you hate our freedom?)

Not a chance

[Salvance (1014001)]

It's almost impossible that a bunch of radicalists with relatively sophomoric computer skills could infiltrate the NYSE or the Nasdaq in any substantial way. This is akin to high schoolers joking on forums and IRC that they are going to hack into the school's computers and change grades. Sure it happens, but not typically by a bunch of attention-seeking kids, but usually by some kid that is smart enough he didn't need to do it, just wanted to see "if he can".

If these "hackers" really had a chance to impact the exchanges, it means they've found a vulnerability that the exchanges don't know about. Any smart (but malicious) hacker wouldn't tip their hand to such a find, they'd wait until D-day to launch their attack. Obviously the security folks at the exchanges should take the threat seriously and evaluate their systems for holes, but it would be bordering on the ridiculous for the rest of us to be worried.

Re:

[Blkdeath (530393)]

It's almost impossible that a bunch of radicalists with relatively sophomoric computer skills could infiltrate the NYSE or the Nasdaq in any substantial way.

What makes you think they have "sophomoric computer skills"?

Indicates nothing.

[Kadin2048 (468275)]

At risk of violating some sort of Godwin's-Law like rule for making 9/11 analogies, doesn't what you're saying sound a bit like someone sitting around on Sept. 10, 2001 saying "With a little bit of thought, the terrorists could set off car bombs in front of a bunch of major airports and totally screw up air travel? Since they cannot accomplish even that minor task, they don't have the skills to accomplish a major attack."

I think you're leaving out a major psychological motivator: the terrorists in large par

Re:

[timeOday (582209)]

Besides, there was never any question that terrorists would like to wreck the stock market, if they had some means to do so. Of course they would, just like countless other criminals would love to break into it for personal gain. So what? Issuing a new statement to that effect changes precisely nothing.

This is just like when people fly into a tizzy because some nobody halfway around the world says he'd like to establish a global caliphate and subject Europe and America to shariah (Muslim law). Whoopdi

Re:

[shadow349 (1034412)]

How seriously can you take would be crackers who go around blabbing about an upcoming attack?

I think this quote from Sneakers [imdb.com] sums it up nicely:

Cosmo: Posit: People think a bank might be financially shaky.
Martin Bishop: Consequence: People start to withdraw their money.
Cosmo: Result: Pretty soon it is financially shaky.
Martin Bishop: Conclusion: You can make banks fail.
Cosmo: Bzzt. I've already done that. Maybe you've heard about a few? Think bigger.
Martin Bishop: Stock market?
Cosmo: Yes.
Martin Bishop: Curr

Re:

[diersing (679767)]

There is no information corroborating the threat

the alert was issued as a routine matter and out of an abundance of caution

There is no immediate threat to our homeland at this time

The title of TFA is "U.S. Warns of Possible Cyber Biz Attack" but the article is full of back tracking and spin. There will come a point when they issue so many warning that people tune out and the valid warnings will lose value, I recall a fable about a boy and wolf. 9/11 didn't happen because someone didn't act on a couple m

Infidel New Year?

[minotaurcomputing (775084)]

I can't wait to watch Dick Clark's Infifel New Year's Rockin' Eve!

-m

Up next, nano-virus threat to create mutants!

[khasim (1285)]

So, some joker on some website posts a piece about how people should release viruses to attack the stock exchange ... and our government issues an alert?

What happens when the same joker posts a call for nano-viruses to be released into our water supply to create a generation of flesh eating mutants from our own children?!?

Seriously, you deal with terrorism by NOT being afraid.

You do NOT deal with it by hyping every single fantasy that they can post.

Re:

[plover (150551)]

Seriously, you deal with terrorism by NOT being afraid.

But you don't get re-elected by ignoring the threat. You get re-elected by trumpeting the threats loudly and then touting the lack of successful attacks. Fortunately, this last set of elections proved that fear-mongering by itself isn't enough; or that it can last only so long.

Re:Up next, nano-virus threat to create mutants!

[ScentCone (795499)]

Fortunately, this last set of elections proved that fear-mongering by itself isn't enough; or that it can last only so long.

Heh! Not really. This last election was all about fear mongering. The dems gained seats in the legislature entirely by talking about how people should be afraid of the other party being in control. They certainly didn't win seats by actually spelling out contstructive, real-world things they'd actually, successfully do that would actually be helpful in any way. In fact, just yesterday they made it clear they were already going to break one of their loudest campaign promises (to implement all of the recommendations of the 9/11 Commission). Fear is exactly what it's all about, but they just played it differently ("the republicans want to starve your baby!" "the republicans want to make sure your social security money is wasted on dot-com investments!" "the republicans like to see our soldiers die!" "the republicans work for scary corporations that want to hurt you!"). Say you don't know exactly what I mean.

Re:

[Vellmont (569020)]

The dems gained seats in the legislature entirely by talking about how people should be afraid of the other party being in control.

LOL! You really must be drinking a LOT of the republican kool-aid. The Republicans lost because they've not done anything about the Iraq war, and people are tired of it. They also lost because they've increased spending by a LOT. Combine that with all the scandals hitting the Republican party, and it's pretty obvious that they've dug their own grave. The Democrats are reall

Re:

[ScentCone (795499)]

So, I guess I can't help but laugh when you try to blame (or credit depending on your perspective) the Democrats for the Republican loss in Congress.

You're missing the point! They didn't win by offering anything constructive, they won by saying "they suck, and we're not them!"

Re:

[klaun (236494)]

Heh! Not really. This last election was all about fear mongering. The dems gained seats in the legislature entirely by talking about how people should be afraid of the other party being in control. They certainly didn't win seats by actually spelling out contstructive, real-world things they'd actually, successfully do that would actually be helpful in any way.

I don't think you are being 100% honest in saying the Democrats didn't present anything they planned to do. Pelosi had a rather prominent and pub

Re:Up next, nano-virus threat to create mutants!

[Thansal (999464)]

What happens when the same joker posts a call for nano-viruses to be released into our water supply to create a generation of flesh eating mutants from our own children?!?

I buy the movie rights!

Re:

[spellraiser (764337)]

Remember the short-lived slashdot meme '... in Japan'?

There seems to exist a disturbing real-life parallel: '... by Muslim terrorists'.

Any threat automagically gains newsworthy status if this phrase is tacked onto it.

Re:

[JavaLord (680960)]

Seriously, you deal with terrorism by NOT being afraid.

Is making the public aware the same as fear? I don't think so. Fear among the public would likely be worse if they didn't know and it happened.

You do NOT deal with it by hyping every single fantasy that they can post.

The more they make threats they don't follow through on, the more they look weak, the more they look weak, the less recruits they will get. Or didn't you read that whole NIE that was released?

Re:

[owlnation (858981)]

Seriously, you deal with terrorism by NOT being afraid.

Yes. Absolutely. The only way to beat terrorists is to live a normal life. If the NYSE or banks are vulnerable to attack right now without having to add extra defenses and protections, then we must all ask them exactly why our money is not safe already. It's not just terrorists out there, it's mafia botnets and mischievous teenagers and all manner of other black hats. I think we all need a very clear answer as to why any financial institution needs to

Re:

[ScentCone (795499)]

what are they actually up to, hmmmmmmmmmmmm?

Ok, what would you do? You've been accused plenty of not "putting together the pieces" of a looming threat. Arabs taking flying lessons? Nah, that's benign, etc. Then something ghastly happens and it's your fault for not shouting to the rooftops that there's a risk of people crashing airplanes into buildings, etc.

What if there was a bot-net-powered DoS attack on a couple of popular exchange-related sites/services? No big deal in the real scheme of things, bu

Yawn

[davidwr (791652)]

So the banks will have a higher-than-normal amount of crack-attempts this month, and a proportionately-higher number of successful ones.

ok, so if serious breakin attempts go up 10%, and there's a small number of successful breakins every month, that's *punchpunchpunchding* a very small number of additional successful breakins.

The bottom line - your bank's web site may be a little slower to respond, and you may get a little more spam-email "from your bank" this month. Otherwise, business as usual.

Happy shopping everyone.

Re:Yawn

[MrAnnoyanceToYou (654053)]

If there's anything about America I have faith in, it's the ability of the financial system to perpetuate itself. The only thing that could possibly drag it down (short term) at this point would be Microsoft going rogue and having a back door into everything they used to rip the entire system apart...

Fortunately /unfortunately enough, I don't think they're organizationally capable of this.

Re:

[Prof.Phreak (584152)]

So the banks will have a higher-than-normal amount of crack-attempts this month

From what the article describes, it seems they're bent on destroying data... and as everyone knows, all major financial institutions keep all (one and only one copy of) their most critical data on one web-server connected directly to the internet with a publically accessible website. Get access to that box, and the whole economy is in ruins.

Interesting..

[AnswerIs42 (622520)]

The news articles I have seen, read and heard all said there was "No Credible Evidence" that this was a real threat.

Save for the one slashdot finds and posts..

Not gonna happen

[31415926535897 (702314)]

This is a very funny attack. All of the important network connections, those that allow the NYSE and other exchanges to operate, and connections between them and brokers are not on the Internet. There are connections from the NYSE to the Internet, but they are not needed for trading (it's for when the traders are bored, they can look at porn). This group would definitely need somebody working on the inside to do any real damage.

The best these groups could do are take down the websites of discount brokerages (E*Trade, Ameritrade, etc.), but that won't have one bit of impact on the financial markets. Even if those websites go down, the brokerages will still have their direct connections to the exchanges, so if you can call your broker, you'll still get your trade through.

I wish them the best of luck, because their attack is an exercise in futility.

We're all so smart

[bill_mcgonigle (4333)]

I wish them the best of luck, because their attack is an exercise in futility.

Let's stop underestimating the Enemy and thinking the DHS is just a bunch of foolish baboons, OK? Maybe they know something we don't, eh?

This group would definitely need somebody working on the inside to do any real damage.

This seems neither unlikely nor improbable given Al Qu'e'da's facination with Wall Street and the amount of time since the attack on the World Trade Center.

Re:

[bughunter (10093)]

Most people don't understand these details, and they thing "OMG Comuters. Hackers. Everybody Panic!" Including the editors and reporters in the media.

Even their sources say there is no credible threat, but the mainstream media sensationalizes it anyway. And the average joe FOX/Oprah/MTV viewer gets another dose of anxiety-inducing semiotics.

That is why "warnings" like this have their desired effect. FUD.

about time for another one

[WolfMansDad (253294)]

Warning, that is. Don't you know we're at war! Americans aren't that good at hate, so we have to be given something to fear. Keeps the govt in business.

Re:

[plover (150551)]

*RING* *RING*

"Hey, Osama, it's for you. Some guy, says his name is Emmanuel Goldstein, says you're stealing his routine."

FEAR Fear fear

[truckaxle (883149)]

"There is no information corroborating the threat and that the alert was issued as a routine matter and out of an abundance of caution" How the hell does this make the news. Oh my the cyber-islamicfacist-terrorists are coming for us. "Radical muslim groups" are constantly making the threats. If they can do, they do, if they can't they make threats to inflate their balls and those stupid enough to follow them.

Not all systems on the internet

[truthsearch (249536)]

The largest banks, plus the stock exchange, still use a wide array of platforms. The stock exchange web site, for example, is not directly hitting the actual stock exchange servers. Most of your bank transactions still go through mainframes. A typical setup is for central transaction servers to push data files to data warehouse servers for reporting purposes. Most systems then run off of these reporting servers.

Between the variety of systems and the layers of security between each it's very unlikely that a virus could bring down the stock exchanges. Or your bank. It's far more likely that their web sites and corporate desktops would go down. The "money" in the wires is far safer.

Best part is

[future assassin (639396)]

this attack will be done from American by Americas very own joe and jane's zombie machines. Dad shoul'd have stayed away from those free pron sites when mom is in bed, now he's a terrorist helper.

Rob wrote

[Rob T Firefly (844560)]

Attention tube terrorists.. could you please target the specific stock and mortgage people who keep spamming me?

The worst thing they cold do

[plopez (54068)]

Is target zombie networks and insure that Americans are deprived of Viagra ads, weight loss programs, stock tips and penis enlargements.

The cost to the US could be crippling! Think what would happen if these emails ceased!

Like I said, this is the *worst* thing they could do. ;)

Tom Clancy BS

[Absolut187 (816431)]

This sounds like some bullshit that came out of a Tom Clancy novel.
Just like his ridiculous plot where terrorists hijack an airliner and crash it into the Capitol building. What a retard. That never happened.
I think the hackers disrupting the stock market came from "Debt of Honor" but I'm not sure.
Its funny that the U.S. government is about 15 years behind Tom Clancy.
And by "funny" I mean "incredibly frightening."

One Whole Post

[Siker (851331)]

It's amazing how much you can do with a single post on a single website when people are afraid of the dark.

Coming up next - Homeland Security issues alert after cousin's roommate's girlfriend heard from friend that man with turban was spotted in New York.

Bomb threats beg for publicity

[DECS (891519)]

The worst response to a passive terrorist threat is to publicize it - by putting it on Slashdot.

That's Funny

[eno2001 (527078)]

I don't EVER remember living in the "homeland" until the Bushista regime seized power. I still like to call this America myself. Former land of the free and brave. Now home of the politically blind and cowardly.

Homeland?

[GrumblyStuff (870046)]

I like that term. It's like living in Soviet Russia.

It makes me feel all warm and paranoid inside.

Re:

[Timesprout (579035)]

Such an attack is doomed to failure when the terrorists encounter the first cyber actors.

Re:

[JavaLord (680960)]

those guys in oklahoma city, sure looked moslem,

While I realize you are trying to make a point, your ignorance keeps you from doing so. Ever hear of John Doe #2 at OKC? The guy they never caught? Funny how he looks like Jose Padilla [greatdreams.com]. Even if he isn't Padilla, he was described as middle eastern looking by multiple witnesses even if Jose himself wasn't middle eastern.

not to mention the ira,

The guys that used to call in their bomb threats so they wouldn't kill any innocents? lol.

As for why

Re:

[DrDitto (962751)]

I saw this on the news this morning, why the hell would anyone release a warning that says your under attack and in the same sentence say there is no evidence to support it? uh, maybe you should find out first.

Because various U.S. government agencies got wind of an impending attack in August of 2001. However they had no real evidence to support it besides some "intelligence chatter". The rest is history. People are covering their asses this time.