-Caveat Lector-
Cyberwar: the threat of chaos
Hackers can disrupt, but can they make war?
Hackers and other cyber-vandals have become a major threat as the world's
powers rely increasingly on their computers.
By Bob Sullivan
MSNBC
MURRAY HILL, N.J., Aug 6 � Ever since the film �War Games� in 1983,
techno-doomsayers have added fuel to the fiery idea of a digitally driven
Armageddon. The image is simple and seems almost irresistible. A genius in a
dark room hacks away relentlessly for years, then one day gains control of
nuclear missile launch computers. It�s terrifying but not at all realistic,
say most computer security experts. The real cyberwar will be much more
subtle and is likely to employ terror as its chief weapon.
�WE HAVE NOTHING to fear but fear itself,� offered Franklin
Roosevelt during the throes of the Great Depression. He might also have been
talking about the Information Age, where the power of personal computers
seems to offer limitless possibilities for both creativity and destruction.
Not true, the experts say � there are limits to the damage that can
be done with zeros and ones.
Experts like those at Bell Laboratories in New Jersey insist that
image of a pimply-faced geek gaining control of Defense Department computers
is pure science fiction. Even an organized �hack� by well-funded terrorist
organizations who take control of a nuclear missile facility is fanciful,
they say � and hardly worth the trouble. Not when it would be so much easier
to create equal havoc using much simpler methods.
THINKING SMALL
�We are the most technologically advanced country in the world, which means
we have the most to lose.�
� FRANK CILLUFFO
Information warfare specialist Imagine, for example, if the
Internet suddenly stopped working. A hacker group told Congress it could be
done in half an hour. Or if power to major cities were disrupted.
Government-hired hackers did that in four days in 1997. Or if parts of the
911 system were cut off. A Swedish hacker now in an asylum managed briefly
to cut off 911 service in Florida two years ago.
Such �nuisance� hacks on infrastructure are less dramatic than the
hijacking of a missile, but they might be more effective.
�The psychological impacts of IW (information warfare) can�t be
overstated,� said Frank Cilluffo, director of the Information Warfare Task
Force at the Center for Strategic and International Studies. �Using it,
terrorist groups can achieve what they cannot militarily.
�We are the most technologically advanced country in the world, which
means we have the most to lose,� he added. �The United States is not very
prepared to lose power, for example. And how long can you live without that
database? What if suddenly all e-commerce were cut off?�
TARGETING FINANCE
Throw banking into that e-commerce category. During the Kosovo
conflict, numerous reports suggested U.S. intelligence agencies had hired
hackers to tinker with international bank accounts full of Yugoslav
President Slobodan Milosevic�s money. There was plenty of debate in the
security community about how possible this might be, but even the idea sent
shudders through the financial industry. Once that Pandora�s box is open �
once one government�s hackers are capable of freezing or altering personal
bank account information � other governments and terrorist organizations
surely would follow suit. And since the entire banking system is based on
confidence, such an attack could completely undermine the integrity of the
banking system, according to Kawika Daguio, executive vice president of the
Financial Information Protection Association.
THE MULTIPLIER EFFECT
Cilluffo�s biggest concern is not an all-digital attack, but the use
of computers as a multiplier for a more traditional attack. Imagine if a
hacker had disabled 911 during the Oklahoma City bombing in 1995. Not only
would medical help have been severely delayed, leading to more death and
destruction � the resulting confusion would at least be demoralizing and, at
worst, create a panic.
For proof of the potential for mob psychology, experts point to the
Y2K bug. Even with several years� warning and continuous announcements that
computers are Y2K-compliant, banks report cash hoarding has already begun,
and survivalist-minded individuals are squirreling away water and dry goods.
�The actual problem is usually 10 times less damaging than the public
perception of it,� said Space Rogue, who runs the Hacker News Network
service.
The threat: real or not?
There�s plenty of debate about how severe the cyberthreat is, though
recent signals from the U.S. government suggest federal agencies are taking
it very seriously.
Just last week, The New York Times was leaked a document showing the
National Security Council is working on a Big Brother-like electronic
monitoring system called the �Federal Intrusion Detection Network.�
The plan�s director told the Times: �We know� foreign governments are
developing cyberwar capabilities, and �we have good reason to believe that
terrorists may be developing similar capabilities.�
ELIGIBLE RECEIVER
The National Security Agency�s 1997 cyberwar �fire drill� may have
inspired the study. In a military exercise code-named �Eligible Receiver,�
35 hackers hired by the NSA gained access to 36 of the 40,000 government
networks within four days. They were able to gain control of major power
grids and could have disrupted power in Los Angeles, Chicago, Washington and
New York.
But nothing nearly so sophisticated is required. In testimony to
Congress last year, members of the hacker group L0pht said they could bring
the Internet to its knees in less than an hour.
�It is not difficult at all to fool, confuse or corrupt major [domain
name] servers,� Dr. Mudge, who testified to Congress, told MSNBC. �There are
many more interesting attacks that could be much more devastating, dealing
with disrupting routing between major tier-one service providers (that is,
stopping MCI from being able to talk to Sprintnet, etc.) and is completely
feasible, doable with very little effort.�
And the number of technologies that might be turned against the
United States continues to expand with each high-tech invention, say several
scientists at U.S. high-tech labs. Among the most frightening are the advent
of MEMS � micro-electro-mechanical systems. These tiny machines, potentially
smaller than a human cell, may one day be injected into the bloodstream as
miniature doctors sent to beat back viruses or kill cancerous cells. But
they could just as easily be designed as a lethal combination of high-tech
and biological warfare, as smart MEMS could be set to infect and kill
specific kinds of subjects.
Irrational fears?
Not everyone is persuaded the threat is all that dramatic. After all,
hackers did not gain access to the Pentagon�s most secure systems.
InfoWar.com founder Louis Cipher (a pseudonym) says Eligible Receiver and
other high-profile cyber-threat incidents are part publicity stunt aimed at
getting more federal money targeted to cyberwarfare research.
�Paranoia is a bad thing, and America is being infected quickly,�
Cipher said. �Everybody�s an alarmist.... You can disturb an infrastructure.
Can go into telephony and can cause disturbance, a denial of service. But
disturbing electrical facilities is difficult. Just like on a railroad, they
can go from track to track. There are a lot of safeguards.�
And despite all the conjecture about cyberwar capabilities, there�s
little evidence it has actually been used. In fact, even if the ability to
take out power grids with a computer is out there, U.S. forces apparently
showed a distinct reluctance to use the ability during the Kosovo conflict.
So-called �soft bombs,� which short out electric lines, were used to create
local power disruptions instead of a computer-based attack.
That satisfies Cilluffo, who thinks the United States should hold off
crossing the line to cyberwar for as long as possible.
�A well-placed bomb may still be easier,� Cilluffo said. �If we can
go through physical means, then we are not compromising a technique that
could be used against us.... After all, we have a lot more to lose.�
Bob Sullivan covers Internet issues for MSNBC.com
DECLARATION & DISCLAIMER
==========
CTRL is a discussion and informational exchange list. Proselyzting propagandic
screeds are not allowed. Substance�not soapboxing! These are sordid matters
and 'conspiracy theory', with its many half-truths, misdirections and outright
frauds is used politically by different groups with major and minor effects
spread throughout the spectrum of time and thought. That being said, CTRL
gives no endorsement to the validity of posts, and always suggests to readers;
be wary of what you read. CTRL gives no credeence to Holocaust denial and
nazi's need not apply.
Let us please be civil and as always, Caveat Lector.
========================================================================
Archives Available at:
http://home.ease.lsoft.com/archives/CTRL.html
http:[EMAIL PROTECTED]/
========================================================================
To subscribe to Conspiracy Theory Research List[CTRL] send email:
SUBSCRIBE CTRL [to:] [EMAIL PROTECTED]
To UNsubscribe to Conspiracy Theory Research List[CTRL] send email:
SIGNOFF CTRL [to:] [EMAIL PROTECTED]
Om
