The Doomsday Click (MP3) is a Michael Specter piece from May 2001 on the engineering and spread of malware on the Internet. The full text is available. The MP3 is part of a collection at Assistive Media of New Yorker articles available as audio – good listening there.
Some things mentioned there include
Peter G. Neumann’s RISKS Digest, Forum On Risks To The Public In Computers And Related Systems.
“To do this stuff is utterly trivial,” Peter G. Neumann, who is a principal scientist at SRI International, the technological consulting firm, told me. “Every other kid can do it, and we know that. That isn’t what worries me.” Neumann, who is sixty-eight, has worked at and advised many of the nation’s most important universities and government institutions, from the Navy and Harvard to the highly secretive National Security Agency. Mostly as a hobby, he moderates a forum on the Internet and produces a running list called “Illustrative Risks to the Public in the Use of Computer Systems and Related Technologies,” which is the most frightening collection of random dangers I have ever seen. “What worries me is the big one,” Neumann said, as we sat in his office in Menlo Park, California, one day. “People don’t like to talk about this, because it’s seen as encouraging the enemy, but absolutely everything is riddled with security flaws. Hackers can get into our most important systems in minutes, sometimes in seconds.
“And they do,” he added. “The Internet is waiting for its Chernobyl, and I don’t think we will be waiting much longer; we are running too close to the edge. When a third of the computer drives in America are wiped out in a single day, when the banking and commerce system is overcome, or the power grids and emergency-response systems of twenty states shut down because of a malicious computer attack, maybe then people will think about what’s going on here.”
Bruce Schneier’s Schneier on Security blog.
“Computer security is a forty-year-old discipline,” Bruce Schneier told me not long ago. Schneier created two of the most heavily used encryption algorithms, and his recent book on digital security, “Secrets & Lies,” is perhaps the best popular exploration of the subject. “Every year, there is new research, new technology, and new products,” he said. “Really good research, really good technology, and really good products. Yet every year the situation gets worse. Much worse. The Internet is just too complex to secure.”
So Schneier decided to stop trying. Instead, he started Counterpane Internet Security, which relies on the skills of humans, flawed and inconsistent as they are, to manage the risks. Counterpane installs a special warning box–a Sentry–in every computer network it monitors. The sentries funnel information to a central knowledge base that keeps track of each client’s idiosyncrasies. “We are like a fire brigade,” Schneier told me. “Or an emergency room. In the real world, this kind of expertise is always farmed out.”
Counterpane was recently acquired by British Telecom.