Truth About Computer Security Hysteria

Virus deluge on 9/11/02?

"VIRUS AUTHORS TO Sow Different Terror on 9-11," a BusinessWorld newswire screams:

Will virus writers unleash viruses on the first anniversary of 9/11? Do they secretly plan to delete western civilization with two mouse clicks?

As the first anniversary of the Sept. 11 terrorist attacks on the United States nears, an executive of a leading anti-virus software provider warned of the possibility that virus writers and hackers would mark this event with computer nuisance attacks. Charles Cousins, managing director of Sophos Anti-Virus Asia, said in an interview with BusinessWorld Online "it is possible that something might happen," referring to virus attacks come Sept. 11, as he cautioned people to be extra careful when opening e-mail.

Hey now, don't get me wrong! I can believe evil-doers will unleash a slew of viruses on the first collapsiversary. I can believe they secretly plan to delete western civilization with two mouse clicks. I can believe the president's computer security advisor when he describes the potential of hacking & viruses as "the functional equivalent of four 767s crashing into buildings."

But I find it difficult to take "Sophos fearmongering" at face value. This BusinessWorld newswire caught me off-guard because ... well, because Sophos doesn't regularly seek out yellow PR.

And let's face it: only a cub reporter would ask a guy in Asia who works for a British firm to ponder if the U.S. will suffer cyber-attacks. Duh!

Spokesmodel Graham Cluley wrote me to say "Sophos's 'official' viewpoint is that there is no evidence companies will be anymore at risk from viruses around Sept 11 than any other time of the year." And indeed, BusinessWorld went on to admit "Mr. Cousins said organizations should be vigilant and practice safe computing any time of the year."

It looks like the person who wrote this tripe picked the wrong firm to quote. Memo to cub reporters: check out our "hysteria roll call" resource if you need quotes for a cyber-terrorism story.

I'VE SEEN LITTLE from the fearmongers about a cyber-terror uprising on the first anniversary of 9/11. Go figure.

"There is no evidence companies will be anymore at risk from viruses around Sept 11 than any other time of the year."

Heck, I can't even find a "terror-versary" prediction from the brand-new fearmongers at Sector5. But who knows? We may yet learn of secret plans to delete western civilization with two mouse clicks.

You may recall mi2g issued a press release on 18 June to warn "pro-Islamic hacker groups [are] joining forces globally." Flunky D.K. Matai stated "there is mounting evidence that individual hacker groups are coalescing and becoming interconnected through a common pro-Islamic agenda..." So maybe there is mounting evidence to support BusinessWorld's fearmongering headline.

This leads me to believe we should shut down the entire Internet as a precaution for 24hrs on 11 September.

An absolutely true story — the spammers of the world announced they'll abandon the Internet on the anniversary of the attacks. Listen to me, folks! When the rats flee a sinking cyber-ship, you should take it as a cue to invoke a precautionary disconnect.

And when I say "shut down the entire Internet," I mean it. Every government website. All military email servers. Every ISP. Any personal home page. Cisco, Sun, Microsoft, Oracle, Boeing, IBM, Intel, Dell, Gateway, AOL (especially AOL!), Office Depot, American Express, eBay, Amazon.com, Progressive Auto Insurance, Hotmail, Westlaw, First Data, Holiday Inn, Anheuser-Busch, Continental Airlines — they should all follow the lead of the world's most retreat-prone military. Let's all disconnect from the Internet for one day on 11 September, strictly as a safety precaution.

You just never know what those diabolical pro-Islamic hackers & virus writers might do.

"The entire Internet" includes computer security firms, of course. Symantec should defend itself with an electron flow impediment; so should Network Associates. mi2g certainly should pull the plug as a safety measure. So should the clairvoyant psychics at ISS. MessageLabs, Trend Micro, Avecho, Kaspersky, Panda Software, blah blah blah. Oh, and I almost forgot Sophos.

CERT^®, CIAC, AFCERT, NavCIRT, FedCIRC, FBI NIPC — they should all shut down on 9/11 to avoid cyber-terrorism. Better safe than sorry.

Vmyths, too!

HMMM. "THERE IS mounting evidence..." Where did I hear this phrase before?

We should shut down the entire Internet for 24hrs on 11 September, just as a precaution. Better safe than sorry!

Ah, yes! An mi2g press release used the same line three years ago to predict a coordinated global computer virus attack. It warned "there is mounting evidence" of a cybertastrophe planned for 18 June 1999. Ironically, mi2g issued their "pro-Islamic hacker groups" press release three years later to the day.

It seems appropriate to quote myself from a column I wrote three years ago:

mi2g flunky D.K. Matai fear[s] a loose-knit group of people who hold jubilees for a better tomorrow. Stilt walkers, musicians, and puppeteers threaten the world with deadly computer viruses. Even worse: hackers organize fun carnivals as a cover for their diabolical plot to inject those viruses into critical banking systems.

mi2g's 1999 predictions never came to pass — but who knows what goes through the minds of stilted virus writers these days? It wouldn't surprise me if pro-Islamic cyber-terrorists around the world banded together to deluge our great nation with digital mayhem on "the first anniversary of the Sept. 11 terrorist attacks..."

Remember when the fearmongers said "everything changed on 9/11"? We really should shut down the entire Internet on the upcoming anniversary of the attacks. Just as a precaution, of course.

Better safe than sorry!