-Caveat Lector- Y2K Seen as Possible Cover for Cyberwars LONDON (Reuters) - If you have been worrying that the worst case scenario for the millennium computer bug is that your heating could fail for a couple of days or the traffic lights go on the blink, brace yourself. Some military experts fear guerrillas or rogue states might launch assaults on communications networks under cover of the millennium computer bug in a possible "Digital Pearl Harbor." Michael Vatis of the FBI, the top U.S. "cybercop," warned last week in Washington that changes to computer software that might threaten security could have been planted by foreign contractors under the guise of Year 2000 (Y2K) bug fixes. The good news is that this information warfare or "NetWar" is considered unlikely. Not many guerrilla groups have the kind of expertise needed to penetrate sophisticated military computer systems, but with companies, governments and the military becoming ever more reliant on computers and the Internet these powerful networks present a tempting target. Terrorists wanting to damage a country's communications infrastructure would be more likely to try to blow it up with explosives. This would inflict damage on a specific target and generate the kind of publicity these groups crave. But even if action against computer systems is unlikely when clocks strike midnight on Dec. 31, information warfare is becoming an indispensable arm of future military planning. Experts also have fears about the civilian world. Criminals may use the frenzy to protect computer systems from possible bug contamination to place their operatives at the heart of banking systems for fraudulent purposes. All this has become possible because some programmers used only double-digit numbers to denote years -- like 87 or 99 -- which might cause some computers to stumble over the zeros in 2000 as the new millennium dawns. SURREPTITIOUS CYBERATTACK Paul Beaver, spokesman for Jane's Defense Weekly, believes the possibility of surreptitious cyberattacks is a real one but says this is limited to guerrillas or antisocial action. "No one expects Russia to assault NATO," he said. "I don't think there is anyone around with the motive to do anything with the exception of the Serbs; they are the only people with the technical capability who are a potential enemy and might have a grudge." During the war over Kosovo this year, Serbs are believed to have temporarily disabled a NATO Web site using "ping attacks" -- crashing a computer with an induced traffic overload. "This idea of a digital Pearl Harbor, the Americans are worried about it, but more as a long term problem than just Y2K," Beaver said, referring to the surprise attack launched in December 1941 by the Japanese on U.S. naval forces in Hawaii. Peter Sommer, senior research fellow at the London School of Economics, reckons military and financial computer systems are far too sophisticated to fall to amateur hackers. "I have my doubts about this digital Pearl Harbor syndrome," he said. "You have to assume some rationality even in terrorists." "Cyberweapons don't have a known outcome. You need a great deal of inside knowledge. You can conceive of a madman knowing about critical telecommunications to bring them down (but) most sensible terrorists couldn't do that," Sommer said. Real bombs are more likely than computer attacks, he said. "Conventional weapons make a lot more sense. If terrorists can identify the most vulnerable physical part of a telecommunications network, or oil pipelines, they would go for those. The outcome would be more certain and there would be less element of risk. The cyber equivalent would need inside access and present more risk of detection." Shaun Gregory, senior lecturer at Bradford University's Peace Studies department, believes attacks are unlikely to cluster around the Y2K period because the military and corporations are paying special attention to safety and security. He also cautions against underestimating the intelligence of guerrilla groups. RAISED Y2K AWARENESS WILL DETER "The notion that terrorists are thick and lash out at things around them is wrong. You have to understand what they're trying to do -- provoke states into a reaction. They choose targets very carefully," Gregory said. Modern computer systems are almost impossible to penetrate, he added. "The U.S. has a multibillion-dollar computer software industry, the very cream of the experts, all sitting there thinking out ways to keep out irritants. We are supposed to believe that some genius with a laptop and modem will bring the whole thing down." Andrew Rathmell of the International Center for Security Analysis at King's College London sees more than a theoretical threat from undercover Y2K action but worries more about the longer-term menace to military and corporate networks because of security threats made worse by preparations for Y2K. "Lots of companies and government agencies have brought in outside contractors in the last few months to work on Y2K and they haven't been able to apply the same kind of security controls as they would normally," Rathmell said. "The longer-term problem is to what extent have terrorists or criminals been able to get into corporate and government networks and plant problems for the future like logic bombs." Logic bombs are a type of computer virus that can lie dormant for years and, when given a signal, wake up and begin attacking the host system. Other variations, in the jargon, include -- Computer viruses. These can be fed into an enemy's computers either remotely or by bribed technicians. -- Chipping. Booby-trapped computer chips. -- Worms. Computer programs that self-replicate and gradually eat up a system's resources. -- Trojan horse. A code inserted into a program that might perform a fraudulent function -- Trap doors. They can allow unauthorized access later to a computer system. Copyright 1999 Reuters . All rights reserved. This material may not be published, broadcast, rewritten, or redistributed. ======================= Robert F. Tatman Computer Help Desk Desktop & LAN Services Systems Department Philadelphia Newspapers, Inc. [EMAIL PROTECTED] 215.854.2729 215.854.2788 The contents of this message represent the opinion only of the writer, and may not be construed to indicate the endorsement of Knight-Ridder, Inc.; Philadelphia Newspapers, Inc.; The Philadelphia Inquirer; or the Philadelphia Daily News. "Artificial intelligence is no match for natural stupidity." DECLARATION & DISCLAIMER ========== CTRL is a discussion and informational exchange list. Proselyzting propagandic screeds are not allowed. Substance—not soapboxing! These are sordid matters and 'conspiracy theory', with its many half-truths, misdirections and outright frauds is used politically by different groups with major and minor effects spread throughout the spectrum of time and thought. That being said, CTRL gives no endorsement to the validity of posts, and always suggests to readers; be wary of what you read. CTRL gives no credeence to Holocaust denial and nazi's need not apply. Let us please be civil and as always, Caveat Lector. ======================================================================== Archives Available at: http://home.ease.lsoft.com/archives/CTRL.html http:[EMAIL PROTECTED]/ ======================================================================== To subscribe to Conspiracy Theory Research List[CTRL] send email: SUBSCRIBE CTRL [to:] [EMAIL PROTECTED] To UNsubscribe to Conspiracy Theory Research List[CTRL] send email: SIGNOFF CTRL [to:] [EMAIL PROTECTED] Om
