Cyberattacks likely at year's end, experts say

Federal officials increasingly say the greatest Y2K threat will come not from date errors in software but from terrorists, particularly cyberterrorists launching hacker attacks via the Internet.

Stephen R. Northcutt, chief of information warfare at the Ballistic Missile Defense Organization, is the latest expert to warn of this threat. He told an audience of federal managers at the Government Technology Leadership Institute in Washington Thursday to expect network intrusions and other cyberattacks during the entire winter holiday period and especially around the New Year's weekend.

Why might attacks intensify then? Malicious hackers "have a lot of free time on their hands" during the holidays, Northcutt said, recalling that the notorious hacker Kevin Mitnick launched his most famous attack on Christmas Eve in 1994. What's more, he said, attackers are counting on reduced staffing in government facilities over the holidays and a concomitant relaxation of vigilance.

This year, however, the Defense Department and other agencies will be operating Y2K watch centers to make sure they are prepared for attacks as well as software flaws.

Northcutt urged his audience to make sure that only necessary connections to the Internet remain open during the holidays. "Maybe it would be prudent to turn off [less important] services for a week," he said.

Many other experts have issued similar warnings. For example, Don Jones, director of year 2000 readiness for Microsoft Corp., told reporters this fall that Y2K is likely to be a "non-issue" in the United States when it comes to software failures, but he is expecting new viruses, worms, Internet hoaxes and other such problems to arise. "The thing I'm most paranoid about is the virus and worm stuff," he said.

Northcutt also urged systems administrators to be on guard for viruses and other malicious code arriving via e-mail. He warned against a common attack known as a trojan horse. "Ninety-five percent of trojans penetrate firewalls via e-mail," said Northcutt. A firewall is the most common form of network perimeter defense. It monitors all incoming and sometimes outgoing network traffic.

Last week, Rep. Stephen Horn, R-Calif., chairman of the House Government Reform Subcommittee on Government Management, Information and Technology, said he has learned from the FBI that there might be an intensified effort by hackers to invade government computers and spread computer viruses in the days before and after Jan. 1. Horn called for "everyone to be aware of this possibility and take extra precautions to guard their computer systems."