Security Experts Warn of Holes in Lotus Domino

Can't say we didn't warn you. SDI and TrustFactory announced multiple Lotus vulnerabilities at DefCon 2000. The announcement actually attracted a lot of media attention, but we still wouldn't let them attend the party.


The Web Is a Hacker’s Playground

An article from PCWorld in which I am quoted. She didn't quite capture what I was trying to say regarding certification, but it is a decent article.


Computer Security: Who Won the Balkans Cyberwar

I am not sure I would classify this as warfare, but it is an interesting read anyway.


Internet-Based Attack Risk Distracts Organizations From Internal Trouble

SIGNAL Magazine came and interviewed myself and several others during my tenure at SDI. They were actually a very good organization to work with as they visited our site and really took time to conduct multiple interviews and to incorporate graphics from our powerpoint briefings, etc. The graphics aren't in the version below.


Hackers Intensify Fears Of Industrial Espionage

A story on information security risks that appeared in National Defense Magazine.


Generation Hack

This is a popular culture piece written for the now defunct Upstart Magazine. It is a first person perspective from a 1996 hacker conference that I attended.


Hackers open door to Windows

Each year, I get numerous requests from the media to discuss events surrounding the DefCon hacker conference in Las Vegas. In this story, the Financial Times spoke to me about the role that WhiteHat hackers play in the security community. I am still not a fan of security through obscurity.


Was it You Who Attacked Yahoo?

The Guardian in the UK was one of several media outlets that ran with stories inspired by my DDOS editorial in 2000.


Organizing for Information Warfare: The Truth is Out There!

Coauthored with Brian Houghton and Neal Pollard, this is the follow-up to our "Toaster" paper. Written in 1997, it was exclusively circulated within the U.S. government, but was later made available to the general public.


Information Terrorism: Can You Trust Your Toaster?

Coauthored with Brian Houghton and Neal Pollard, this paper won the 1996 Sun Tzu Art of War Research Award and has been published by the National Defense University Press, Terrorism and Political Violence Journal, and Jane's Newsletter.


DDOS Editorial

This editorial was written shortly after the Distributed Denial of Service attacks in 2000. It describes the emerging issue of legal liability associated with poor security practices. In 2002, we actually have courts taking action in this critical area. While I think due diligence will be a key motivator for information security, the fact that federal judges can shut down entire infrastructures (as happened with the Department of Interior) makes me a little nervous.


CNN Soundbite

The real exposure to information warfare or cyberterrorism attacks exists within the private sector. To that end, I said the following when interviewed by CNN in January 2000: "If you look at the likely targets of an attack by an adversary against the United States, it's not going to be the military computers. It's going to be the private sector infrastructure targets, the major telecommunications switches, the major public power grids."


Political Aspects of Class III Information Warfare: Global Conflict and Terrorism

The following are unproofed, unedited speaking notes from my presentation at InfoWarCon II in Montreal, Canada on January 18-19, 1995. It is interesting to read them today and see how little has changed.


Future Presence Interview

In February of 2000 I was interviewed for Future Presence, which is a publication of the Arlington Institute.  Given the length of the interview and the breadth of material covered, I think it makes for a very interesting read.


On-line Security – Lock Your Doors

In February, we saw an unprecedented salvo of denial-of-service attacks against major e-commerce sites, including Yahoo Inc., EBay Inc. and Amazon.com Inc. These attacks have cost millions of dollars in lost revenue, not to mention the intangible impact on customer confidence. In fact, one estimate is that the cumulative damages may total as much as $1.2 billion.


Wireless Network Hacking

I was interviewed for a CBC documentary on cyberterrorism several months ago. This segment is one of the better one's I have seen on the topic and the demonstrations of wireless network mapping are very interesting. You can view it online.