Although there have been no reported cases of cyberterrorism or hacks of corporate or U.S. government sites, companies must remain vigilant in the coming days because there is every expectation that the Web will be used as a terrorist weapon, Gartner Inc. analysts said Monday in a conference call with clients and media.
Soon after last week's horrific terrorist attacks on U.S. targets, government officials and analysts alike issued warnings that cyberterrorism is likely. Those alerts have not been rescinded and are not likely to be any time soon, based on comments made by analysts. Various corporate clients who called into the conference asked analysts questions related to cyberterrorism and what precautions to take.
The expectation is that "as we start waging war," there will be attempts to hack U.S. Web sites, and that could include companies, said analyst Rich Mogull. His war reference was to open talk among U.S. officials, including President George W. Bush, that military retaliation will occur soon. Bush has said repeatedly that the U.S. is now at war, and although Congress has approved allowing him to use force, there has been no formal declaration of war.
Rhetoric aside, Bush and others have said there will be retaliation and that it will be sustained and occur over a period of time. U.S. residents are also being warned by government officials and terrorism experts that military retaliation is likely to lead to further terrorism, carried out in retaliation for the retaliation, so that an escalating amount of violence might occur for a time. The situation has parallels in the Middle East, where Palestinians and Israelis seem locked in a continual cycle of retaliation.
"War games" to simulate cyberattacks have been carried out, said French Caldwell, a Gartner analyst with an extensive government background, including work with the Department of Defense. While he said he could not offer specific details of those simulations and who participated in them or what conclusions they led to, he did say that the possibility had been considered that cyberterrorism could be used as "a distraction or precursor" to physical terrorist attacks.
Companies should be checking security programs and response plans, analysts advised when asked what to do by a client who said her company operates an electronic-commerce site. She was curious at what point such sites should be taken offline. While there's no need to take sites offline as a precaution, companies should be on alert for anything suspicious in terms of site traffic, which could indicate that an attempted denial of service attack is under way.
All companies should be updating antivirus and other security software as a matter of course, the analysts said.
Throughout the teleconference, analysts and representatives of disaster recovery outsourcing companies emphasized that the human and emotional toll of the attacks, which left more than 5,000 missing and are likely to have killed scores of people, remain the most trying aspects of recovery. While companies try to account for employees, help families of those missing or known to be dead and also open for business again in the near term, there could be larger IT industry issues over time, Caldwell said.
The U.S. has not operated in a wartime mentality for many years -- not since World War II -- and so there isn't much in the way of intellectual capital to help companies plan and prepare for operating in a time of war, whatever that turns out to be in this case.
"This is a lost art," Caldwell said, "and most corporations are not familiar with what it takes unless you happen to be headquartered or based in countries where this is still an issue."
Many IT companies have employees who are members of the military reserves and are already being called to duty, he said. Beyond that, companies need to consider which of their employees have the sorts of specialized skills that the government will need.
"They're going to put strong demands on people with IT skills," Caldwell said, adding that as military action gets under way the U.S. government might put in place a "selective draft," calling into military service IT professionals who have needed skills. Such a scenario isn't likely to happen immediately, but Caldwell envisions it as a possibility a year or so from now.
Gartner will conduct another teleconference related to disaster recovery Tuesday from 11 a.m. to 1 p.m. Eastern time. The numbers to call are: North America, 1-800-553-2197; outside North America +1-303-276-1001. The identification number for the Tuesday teleconference is 1217931.