So to make a long answer short, full disclosure needs to be measured. I think the approach that Dan Kaminsky and Paul Vixie used in disclosing a recent DNS vulnerability is acceptable. They coordinated fixing a certain technology with all of the vendors of DNS server software prior to publicly disclosing the problem. This allowed the vendors time to get repair kits for the locks ready before details of the vulnerability were common knowledge.
What do you expect from the future? Is it likely for a serious “cyberterrorism” event to take place in the next 12 months, or do you see it as hype?
I think the future will be frustrating for organizations that depend on the Internet. One can do everything right and if someone, really anyone else on the net, does not do what they should, you will potentially feel the negative effects. The Internet is inherently not a protected system. Don't get me wrong, it is extremely resilient, but it is not protected. The Internet functions daily at a level which was never imagined by its designers. Frankly, it is amazing it works at all sometimes. Internet vulnerabilities are not all together just hype. The scenarios are plausible and easily accomplished. So the real question is - why wouldn’t a serious event take place on the Internet?
We have already seen coordinated attacks on Estonia and Georgia. It is a well known fact that significant bot networks exist under the control of disreputable organizations. The only saving grace with bot networks and their being propagated by organized crime, it that the goal of organized criminals is to make money, and in order to achieve their goal, they need the Internet to work reliably. So it is unlikely that a bot network will extemporaneously cripple the Internet as that would be counterproductive to their goals.However, these bot networks can be rented – and those potentially renting them could task them with disruption of the Internet, at least for a time. All that is required is motive and that certainly exists in many different forms. Well informed network administrators must be ever vigilant so that their systems are properly configured and must quickly implement both reactive and preemptive security patches.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.