As President Clinton convened a high-level summit on Internet security, the
FBI announced it is looking for three hackers who go by the online names of
"coolio," "mafiaboy" and "nachoman." While not saying they are
suspect, the agency wants to question them in connection to the series of
denial-of-service attacks on popular Web sites in the past two weeks.
"Coolio" is an American-based hacker, while "mafiaboy" is
a Canadian teen. A third suspect, "nachoman" is a male who allegedly
"confessed" taking part in the recent attacks to a staff member of the
popular security site, Attrition.org. The FBI this week also sent investigative
leads in the Internet attacks to four countries, reportedly including Canada and
Germany where a 20-year-old programmer known as "mixter" created the
software tools that was used in some of last week's attacks. Mixter has stated
that he will cooperate with the FBI.
Meanwhile, President Clinton conducted a high-level summit focused on
Internet security. Clinton met with about 20 industry representatives (including
a hacker-turned-security-consultant), national security experts and Attorney
General Janet Reno. Clinton said that while the electronic attacks are a
"source of concern" they are far from and "electronic Pearl
Harbor," as some have called the attacks. "I don't think that the
analogous loss was that great. I think it was an alarm. I don't think it was
Pearl Harbor where we lost our Pacific fleet.
This is a challenge that was entirely predictable. It's part of the price of
the success of the Internet." Participants at the meeting discussed ways to
improve security on the Internet, especially on how to protect powerful Internet
servers from which the attacks were carried out. "It was a failure of
security at those that allowed the attack software to sit on their machines
unnoticed," said Terry Milholland, chief information officer at Electronic Data
Systems.
Clinton said he has asked U.S. Congress for $2 billion this year to protect
the government's computer infrastructure. He made clear that he did not want to
do anything that would undermine the high-tech industry, which he said accounted
for 8 percent of U.S. jobs and 30 percent of its expected growth. "The
trick is going to be how to do what needs to be done on security and privacy and
still keep it flourishing and growing," Peter Solvik, chief information
officer at Cisco agreed the industry is not in a crisis. "We're certainly
not facing a crisis but the events of last week show that everyone -- Internet
users, Internet companies, and government -- need to work together to strengthen
Internet security."
Charles Wang, chief executive of Computer Associates International said the
government has a lot to do, by example and by education. But the private sector
has to drive the security of the Internet. " You need prevention.
Ultimately, we have a problem -- a big problem. The government and private
sector is working together, and that can help. One-third of passwords are never
changed. Companies need to be more vigilant in their own internal security to
prevent such attacks. We did agree to work together to create a task force to
understand how' to collaborate."
Whitfield Diffie of Sun Microsystems, said he told Clinton the hacking
incidents pointed up a problem with the security of individual computers.
"What we saw were a whole lot of computers taken over. I said, 'This is as
though you lost an election because a lot of people voted against you, and they
didn't even know they voted’." Hewlett-Packard general manager of
Internet security, Roberto Medrano said Clinton was interested in hearing about
what problems exist and what else should we be doing. "The government is
trying to understand how they should play on this. The general thought is four
groups need to work together: the government, industry, academics and private
individuals."
The most unusual participant in today's White House meeting was Mudge,
nickname for a member of a "think tank" of hackers who perform security
consulting under the name AtStake.