We may see a major Cyberterrorism event in 2003, causing major loss of Internet connectivity. Even those in countries not directly involved may suffer from backbones in the United States and elsewhere being "taken out", causing their systems or their customers' systems being "knocked off the web". With an anticipated 23 million homes in the U.S. alone expected to have broadband in 2003, the potential for massive Distributed Denial of Service (DDoS) attacks is huge. With so many of these being unprotected Windows systems, this DDoS will be easy to do.
Sadly, the U.S. Government's draft Cybersecurity proposal can most kindly be described as naive and ineffective. Its reliance on voluntary good practices, if it was the basis for criminal law, would be called anarchism. An excellent opportunity to make organizations and individuals and ISPs responsible for their problems was lost. Sheesh. The penalties for not stopping one's dog from barking are more severe in most jurisdictions.
The growth of wireless networks will continue. With current wireless technology lacking decent security, many networks will be compromised. While many organizations do have a firewall, they fail to harden systems behind them. Thus, a single weak point such as a wireless component will allow many systems to be compromised. I advised the use of firewalls between different parts of large companies to limit the spread of a compromise in the first edition of "Real World Linux Security" back in 2000. Unfortunately, many organizations fail to do this.
I predict a major Linux virus in 2003, perhaps through Netscape via email or through Instant Messaging. A vulnerability in Java or the RealAudio or RealVideo player could be a vector for the spread of a virus. If Microsoft starts offering products for Linux in 2003, as far as security is concerned, good luck.
A blended attack is a distinct possibility. This might be a large truck bomb taking out a large building at the same time an Internet attack takes out "911" emergency switchboards and the city's traffic light system. This would prevent rescue workers from helping the victims and increase the terror.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.