CNN.com - Transcripts

Transcript Providers

Return to Transcripts main page

CNN Live Sunday

What Can Be Done to Prevent Cyberterrorism?

Aired April 29, 2001 - 17:43 ET

THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.

THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.
STEPHEN FRAZIER, CNN ANCHOR: Two Web sites run by the Departments of Labor and Health and Human Services are back working today after being vandalized by hackers that federal officials believe came from China. This comes days after the FBI has warned Chinese hackers may be targeting U.S. sites.

Hackers replaced a Labor Department page with a tribute to Chinese jet fighter Wang Wei, the pilot who was killed when his jet collided with a U.S. Navy surveillance plane. The attacks are called minor breaches in security, but they do highlight the growing threat of cyberterrorism. So, joining us now with more on all of this is Ben Venzke, CEO of Tempest Publishing, which is actually not a publishing but an intelligence company specializing in terrorism.

Mr. Venzke, thank you for joining us.

BEN VENZKE, CEO, TEMPEST PUBLISHING: Good evening.

FRAZIER: What exactly happens to your computer in this sort of an attack? Does the original material get scrubbed off and replaced with things like that page?

VENZKE: Well, at times when there's tension like this, you're going to see a wide variety of attacks. There are some that are destructive in nature; there are others that are what we would call denial of service attack, where they're preventing you from using some service or feature, and there's others like the ones that you were just describing where someone will break into a system and replace that main Web page with some kind of political message which they may or may not destroy the original data in the process.

FRAZIER: Right. In this case, as you look ahead, who are the likely targets?

VENZKE: Well, what's interesting in situations like this is that traditionally, traditional targets would be embassies overseas, physical locations. But in the cyber realm, frequently what the attackers are going after are those infrastructure targets, which in many cases are private companies, they're ISPs, they're e-commerce sites, or they're Web sites or online businesses that have a very high profile.

At the same time, they'll also go after government targets because of what they represent. FRAZIER: There's a lot more to say about this. It's brand new to most of us, but you have seen this before, haven't you, in places of military or political tension.

VENZKE: Yes, in fact, we saw the first all out conflict, if you will, occur between the Israeli and Palestinians, beginning around the end of last year in October, and it carried through up until about February of this year where literally there were about 400 or 500 different Web sites attacked and a variety of other targets on a daily basis.

FRAZIER: But the attacks aren't really a government action, they're individuals.

VENZKE: Right, and that's what makes this so complex. Regardless of whether or not there is any nation state support or backing for these kinds of attacks, in many cases what we're seeing is either citizens of the countries involved or other supporters around the world on their own initiative launching attacks to right some wrong or to support what they believe is the correct viewpoint, and it lacks the controls and constraints that you would normally have in the normal course of international relations or diplomacy, and it creates quite a new problem for governments to learn how to deal with.

FRAZIER: Which resembles anarchy, really.

VENZKE: In an odd kind of way, and to think about it, if you're the Chinese government or you're the United States and suddenly critical systems, critical communication nodes and other points are being attacked successfully by individuals in another country, how do you respond to that? Do you call up that government? How do you work to create some kind of dissuasive move so that these attacks won't carry out? It's a really tricky and intricate problem.

FRAZIER: Well, when you say dissuasive move, you take it to our last question and very quickly here, what can be done to guard against this or combat it?

VENZKE: Well, from the private sector, what you need to do is take a look at your security posture, make sure that your equipment is actually patched, that you've got the right security measures in place, and exercise some extra vigilance and awareness over the coming weeks ahead.

There is no such thing as 100 percent secure, and unfortunately, there's no magic solution. But it's something that a little extra effort and a little extra work might go a long way toward minimizing any difficulty you could experience.

FRAZIER: Fascinating, and we're grateful for those insights. Ben Venzke from Tempest Publishing, thanks for coming in.

VENZKE: Thank you.

TO ORDER A VIDEO OF THIS TRANSCRIPT, PLEASE CALL 800-CNN-NEWS OR USE OUR SECURE ONLINE ORDER FORM LOCATED AT www.fdch.com