April 26, 2005 3:24 PM PDT

Security guru slams misuse of 'cyberterrorism'

Related Stories

British banks to provide extra Web security

April 14, 2005

Time to regulate the software industry?

February 16, 2005

A key to security

October 28, 2003
An Internet security expert told conference attendees Tuesday to use the term "cyberterrorism" properly--and played down the spread of government-sponsored hacking.

Organizations are abusing the word by using it to fuel their budgets, Bruce Schneier said.

Speaking at the Infosecurity Europe conference in London, the renowned author and cryptography expert called cyberterrorism a myth that has yet to become to a threat to human life.

"Nobody's getting blown to bits," Schneier said. "I don't think that cyberterrorism exists--if you add 'terrorism' to things, you get more budget. If you can't get e-mail for a day, you're not terrorized, you're inconvenienced."

"We should save 'terror' for the things that deserve it, not things that piss us off," he added.

Schneier said governments around the world, despite having teams of specialist hackers on hand, were not attacking each other. "I don't believe there is that much government hacking. That's just silly--adults don't do it. But we know that countries are spending money on military hacking organizations--Israel, China, (the United States) and everyone else."

The defacement of government Web sites is a small threat to governments, he said. "It's kids playing at politics. I don't think it's politically motivated."

Schneier added that the sophistication of worms and viruses will likely improve, as hackers develop reconnaissance viruses that are able to carry out vulnerability assessments and report back to the author.

Dan Ilett of ZDNet UK reported from London.


Join the conversation!
Add your comment
But what do you expect in an age where the US government defines terrorism and any sort of action that goes against US policy and intentions. IE Demonstrating against the US anywhere can be construed as terrorism now.

But companies and governments need their control, and the cowardly, firghtened masses are willing to cower like sheep, and on cue for them.
Posted by pcLoadLetter (395 comments )
Reply Link Flag
Isn't It Ironic...
That if these so called "threats" were not researched and/or prepared that when/if something were to happen that it would be an even bigger issue?

my $0.02!
Posted by (14 comments )
Reply Link Flag
Cracking, not hacking
Since Mr. Schneier is being pedantic about the use of "terrorism", he should also stop using the word "hacker" the way he is. He should be using the word "cracker" ("cracking", etc.) instead. "Cracker" is bad, "hacker" is harmless.

Posted by poster48150 (167 comments )
Reply Link Flag
Please don't lets start a hacking v cracking debate
Being even more pedantic than you, Jim, "hacking" simply implies using a quick and dirty technique, rather than doing the job "according to the book."

Schneier is not misusing the word, although he might confuse a younger audience less by using the modern term "cracking" that everyone undertands to mean "criminal stuff."
Posted by furl12 (50 comments )
Link Flag
Please visit dictionary.com
Do you know what "pedantic" means? He wasn't being pedantic, he was making a point--unlike yourself.

In his case, there was a very good reason to point out the misuse of the word "terrorism".

In your case, you're trying to look intelligent.
Posted by TimeBomb (70 comments )
Link Flag
More is less
Ive noticed an interesting phenomenon. Systems are becoming *less* secure because of recent changes in the way corporations approach the security issue.

Twice within the past week, Ive been obliged to share my password and other confidential information with the administrative personnel of different large organizations so that they can perform their normal tasks. That hasnt happened to me in many years.

These two incidents werent examples of phishing, but they are an example of how weve made life easier for the bad guys.

Bruce Schneier is right about his main point: weve thrown away common sense in our zeal to control.
Posted by furl12 (50 comments )
Reply Link Flag
Bruce has sold out
I know Bruce. I have even chatted with him in a cubicle a few times. On this issue I'd disagree with his proclamation as "cyber terrorism" being a myth.

True no one has been blown to bit's (yet) but lives have been threatened due to the insecurity of networks. A prime example was the power outage of the east coast. Although it's never been publicly stated, I'd bet my bottom dollar that the root cause was a worm or virus that got onto the controlling systems of the grid. Sure hospitals were protected by UPS systems, but what about the general public that rely on oxygen generating systems, or other life support systems in the home? Those stopped working.

If a worm or virus can get in, then so can a mythical cyber terrorist.

The problem is not just limited to the traditional power grid (nuclear power plants are part of that grid - btw). The problem spans to every single automated system that attaches to a "connected" machine anywhere on the controlling network.

One point I do agree on with Bruce is that the cyber terrorism buzz word is being used to beef up security budgets. Our opinions differ on the benefit of that though. It appears to me that Bruce is stating that waste is being perpetrated. My opinion is that security has been under funded and has been a tough sell for way too long.
Posted by (1 comment )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.