In anticipation of the upcoming protests at Friday’s World Bank and IMF annual meeting, the FBI’s National Infrastructure Protection Center (NIPC) issued a warning to SysAdmins advising them to monitor their information systems and networks for computer intrusions by blocking or limiting unnecessary inbound traffic, regularly reviewing system logs, changing passwords and logins, disabling inactive user accounts, and ensuring recommended patches are in place.
That seems like good advice for all occasions. Why worry about “cyberthreats” at the World Bank & IMF annual meetings, as opposed to any other time?
Because…
Similar to past meetings of the IMF and World Bank, thousands of protestors are expected to turn out near the Washington, D.C. headquarters of these two institutions. These protestors represent a loose alliance of groups that have environmental, anti-globalization, debt-relief, or human-rights agendas. Although they are not a unified grouping, these protestors have grown more familiar with each other during several past protests. This may give rise to coordinated action during the upcoming protests.
Prior protests against the IMF and World Bank were disruptive and resulted in minor clashes with police and property damage to businesses. Some protestors may be planning criminal or violent activity - especially against local branches of companies or organizations that represent capitalism and globalization. In addition, a small group that intends to disrupt the meetings with a physical attack may use cyber means to enhance the effects of the physical attack or to complicate the response by emergency services to the attack. The cyber portion of this attack can be executed by sympathetic hackers or by mercenary hackers seeking publicity.
Physical attacks? Cyber attacks? Shady, “loose” alliances? Debt-relief protesters? This sounds like a menace that threatens the very core of U$ values. And what about those sympathetic hackers? What kind of damage can they cause?
Well, “Cyber protestors can engage in Web page defacements, denial-of-service attacks, misinformation campaigns, and the like.”
Logically, the author would lay out the most serious threats and leave vague phrases like “the like” out unless “the like” refers to something of common knowledge just below the threat level of the aforementioned potential violations of federal law. “Putting boogers on the keyboards” is the most serious crime that we can think of to fit “the like.”
Since nobody actually goes to the World Bank/IMF websites, it’s hard to see how defacement or denial of service attacks would be worth the effort. The potential “misinformation campaign” sounds like “sedition” or, more accurately, disagreeing with power and having the balls to tell everyone about it in writing.
The “physical” protestors are, for the most part, idealists with no interest in hurting anyone or spending extended time in jail. Outside of the Seattle 1998 WTO debacle, “physical” protestors have proven themselves to be tame and utterly uncoordinated.
Even half-ass SysAdmins don’t need to be reminded of basic security measures dictated by NIPC’s priceless advice, so this recent warning begs an important question: Just who is the target audience?