-Caveat Lector- From: "Hilary A. Thomas" <[EMAIL PROTECTED]> Experts Warn of New Y2K Threat: The Hired Help 9.48 a.m. ET (1348 GMT) July 29, 1999 By Ted Bridis WASHINGTON � Two of the government's top computer security experts are warning that some programmers hired to fix Year 2000 problems may be quietly installing malicious software code to sabotage companies or give themselves access to sensitive information after the new year. The ominous warnings were part of testimony prepared for a hearing today about the so-called Y2K glitch and cyberterrorism before the Senate's Special Committee on the Year 2000 Technology Problem. Michael Vatis, director of the FBI's National Infrastructure Protection Center, said experts hired by U.S. companies to fix their computers could secretly program "trap doors" � ways to let them gain access later � or add malicious code, such as a logic bomb or time-delayed virus that could disrupt systems. "While systems have been and will continue to be extensively tested, the probability of finding malicious code is extremely small," agreed Richard Schaeffer, director of the Defense Department's Infrastructure and Information Assurance program. Neither expert suggested the possible scope of the problem. Schaeffer said problems are complicated by the New Year's rollover, when some computers programmed to recognize only the last two digits of a year may mistake 2000 for a full century earlier. "It may be difficult to distinguish between a true Y2K event and some other anomaly caused by a perpetrator with malicious intent," Schaeffer wrote in prepared testimony. Both experts said the risks were exacerbated by the amount of software repaired by companies overseas. Vatis called the situation "a unique opportunity for foreign countries and companies to access, steal from or disrupt sensitive national and proprietary information systems." "Since any vulnerabilities that are implanted will persist as long as the software is in place, this is a problem that will last well beyond January 1, 2000," Vatis said. Vatis recommended that companies thoroughly check the backgrounds of companies they hire for software repairs. He also said they should test for the existence of trap doors after the repairs, possibly even hiring teams to try to electronically crack into their own networks. The latest warnings come on the heels of new disclosures about White House plans to create a government-wide security network to protect the nation's most important computer systems from hackers, thieves, terrorists and hostile countries. The 148-page proposal from the Clinton administration describes building an elaborate network of electronic obstacles, monitors and analyzers to prevent and watch for potentially suspicious activity on federal computer systems. Civil liberties groups complain that the security tools also would make possible unprecedented electronic monitoring, especially because of the increasingly widespread use of computers by the government in almost every aspect of its citizens' daily lives. The White House defended the proposal. "We are very concerned about protecting privacy rights," said Clinton's national security adviser, Sandy Berger. "But there is also a privacy right in not having hostile entities attack systems. We're not only talking about 17-year-old kids in their basement. We're talking about governments that we know are developing systems to get access to our computer systems." The first 500 intrusion monitors would be installed on nonmilitary government computers next year, according to a draft copy of the proposal obtained by The Associated Press. The full system would be completed by May 2003. The plan also suggests ways to convince private companies to monitor their corporate computer networks and share information about threats. But it said explicitly that the government will not force companies to permit federal monitoring of their systems. --------------------------- ONElist Sponsor ---------------------------- ONElist announces "FRIENDS & FAMILY!" For details, including our weekly drawing, go to http://www.onelist.com/info/onereachsplash3.html ------------------------------------------------------------------------ InTheShadows is a discussion list dedicated to keeping up-to-date with new technologies, advancements in medicine, environmental concerns, 'conspiracy theories', politics, and, of course, UFO stuff. Discussion is encouraged. Bashing and soapboxing will get you bounced off the list. Be prepared for 50 posts per day. Digest format available. To subscribe send a blank email to: [EMAIL PROTECTED] To unsubscribe send a blank email to: [EMAIL PROTECTED] List Moderator: Hilary Thomas [EMAIL PROTECTED] DECLARATION & DISCLAIMER ========== CTRL is a discussion and informational exchange list. Proselyzting propagandic screeds are not allowed. Substance�not soapboxing! These are sordid matters and 'conspiracy theory', with its many half-truths, misdirections and outright frauds is used politically by different groups with major and minor effects spread throughout the spectrum of time and thought. That being said, CTRL gives no endorsement to the validity of posts, and always suggests to readers; be wary of what you read. CTRL gives no credeence to Holocaust denial and nazi's need not apply. Let us please be civil and as always, Caveat Lector. ======================================================================== Archives Available at: http://home.ease.lsoft.com/archives/CTRL.html http:[EMAIL PROTECTED]/ ======================================================================== To subscribe to Conspiracy Theory Research List[CTRL] send email: SUBSCRIBE CTRL [to:] [EMAIL PROTECTED] To UNsubscribe to Conspiracy Theory Research List[CTRL] send email: SIGNOFF CTRL [to:] [EMAIL PROTECTED] Om
