[ISN] Cyberspace: The next battlefield

From: InfoSec News (isnat_private)
Date: Thu Jun 21 2001 - 02:22:23 PDT

    By Andrea Stone
    ARLINGTON, Va.  They don't drive tanks, fly jets or even wear boots.
    But the computer technicians hunkered down in virtual foxholes in a
    pale yellow building here in suburban Washington might well be the
    frontline soldiers in the nation's next war.
    They work for the Defense Information Systems Agency, which figures
    that future conflicts won't be won by shooting down the enemy's
    aircraft but by shutting down its computers.
    Today, they defend the U.S. military's 2.5 million computers against
    hackers. But they are being trained to guard against computer attacks
    by other countries and to launch computer virus invasions that will
    bring chaos to a foe's communications networks, financial systems and
    power grids.
    Military analysts say the United States is one of more than 20
    countries girding for this new kind of conflict, known within the
    Defense Department as "IW" for information warfare. Last fall, the
    Pentagon disclosed that the U.S. Space Command is building offensive
    computer weapons to use against adversaries. Until then, the Pentagon
    had focused on defensive measures to protect U.S. military computers,
    satellites and communications links.
    Russia, North Korea, Iraq, Libya, Cuba, Britain, France, Israel and
    China also are developing IW capabilities, according to military
    analysts. The Congressional Research Service says that China has
    assembled a battalion of computer experts to develop offensive viruses
    and defenses that some in the Pentagon call "the Great Firewall of
    In fact, China is pursuing IW capabilities at least as aggressively as
    the Pentagon. It concluded after the Persian Gulf War in 1991 that it
    could never defeat the United States in a conventional conflict, so
    its strategists decided to target America's heavy dependence on
    computers, analysts say.
    "The next time you see a major international conflict between two
    technologically advanced opponents, you're going to see computer
    network attacks," predicts Dan Kuehl, who teaches information warfare
    at the National Defense University in Washington.
    Why? At a time when political leaders are eager to minimize casualties
    and the U.S. public has come to expect bloodless precision strikes,
    computer viruses are an enticing and relatively cheap weapon. Analysts
    say IW could shorten conventional conflicts or even head them off by
    bringing foes to their knees.
    IW is not just the stuff of science fiction. The Pentagon has already
    used computer weapons. During the Gulf War, U.S. warplanes emitted
    electronic jamming signals that disrupted Iraqi air-defense computers
    and interfered with their ability to target allied aircraft.
    During the war in Kosovo in 1999, U.S. officials considered siphoning
    funds electronically from Serbian leader Slobodan Milosevic's bank
    accounts but decided not to because of legal concerns, analysts say.
    The Serbs launched a crude IW attack: They vandalized NATO Web sites.
    Defense Secretary Donald Rumsfeld ranks IW as one of the gravest
    national security threats. One of his top priorities is to protect
    military computer functions, such as communications, navigation,
    weapons targeting, intelligence and logistics.
    "We're going to need to have ways to make sure that we can continue to
    see, hear and communicate," Rumsfeld said in a recent interview.

    Significant obstacles

    Cyberweapons could revolutionize war in the 21st century as the
    airplane did in the 20th century. But the Pentagon and policymakers
    have obstacles to overcome.
    One is learning how to defend against viruses launched by attackers
    who can hide their identities. If the U.S. military can't be sure
    whether the assailant is a lone hacker or a foreign government, it is
    difficult to retaliate.
    Another concern is whether IW fits within the legal and ethical
    boundaries of warfare because of the potential threat to civilians.
    Computer weapons aren't precise enough to limit damage to military
    targets. Unlike precision-guided bombs, a virus unleashed to shut down
    power in a military command post could spread inadvertently to a
    hospital nearby or even cross borders and cause havoc in a neutral
    John Hamre was a strong advocate of beefing up computer defenses when
    he was deputy Defense secretary in the Clinton administration. But
    he's skeptical about using computers as offensive weapons. "For
    warfare, you want high confidence and predictability of outcomes, and
    that's very hard to know in cyberspace," he says.
    Military officials won't divulge their offensive capabilities. But
    analysts say they believe the Pentagon has a formidable arsenal.
    "We have powerful tools that we have not used," says Steven Hildreth,
    a Congressional Research Service defense analyst. The United States is
    the leader in the field, but it doesn't take great economic resources
    to develop powerful computer weapons.
    Analysts say the U.S. arsenal likely includes malevolent "Trojan
    horse" viruses, benign-looking codes that can be inserted
    surreptitiously into an adversary's computer network. They include:
    * Logic bombs. Malicious codes that can be triggered on command.
    * Worms. Programs that reproduce themselves and cause networks to
    * Sniffers. "Eavesdropping" programs that can monitor and steal data
      in a network.
    The U.S. military could use these weapons to trigger disruptions in
    enemy territory, such as a shutdown of oil and natural gas pipelines
    or a cutoff of phone service, analysts say.
    At the same time, an adversary could use these same viruses to launch
    a digital blitzkrieg against the United States. It might send a worm
    to shut down the electric grid in Chicago and air-traffic-control
    operations in Atlanta, a logic bomb to open the floodgates of the
    Hoover Dam and a sniffer to gain access to the funds-transfer networks
    of the Federal Reserve.
    Those kinds of attacks, which would target civilians, probably violate
    international law. But computer strikes that destroy or interrupt the
    flow of military information would conform to international rules of
    For example, U.S. military technicians could send an adversary's
    precision-guided weapons off course by altering signals from the
    control system. They could change the enemy's tank computers to
    identify "friendly" forces as foes, prompt the enemy to redeploy
    forces based on false information fed into its computers and route
    truck parts instead of bombs to fighter jet squadrons.

    Vulnerable computers

    The Pentagon is vulnerable to the same kinds of attacks. About 95% of
    its communications are carried over unclassified, commercial networks.
    "The (Internet) linkages that take a cybercrime to Amazon and eBay are
    exactly the same linkages that would take an attack inside critical
    military facilities," says the National Defense University's Kuehl.
    The vulnerabilities of U.S. military and civilian computers are well
    known to China.
    In 1996, a Chinese military paper told of preparing for "a war of
    decisions and control, a war of knowledge, and a war of intellect."
    Three years later, two Chinese officers wrote a book that advocated
    using cyberattacks against civilian power, transportation,
    communications and financial systems. U.S. analysts say the Chinese
    are pouring significant resources into developing such capabilities.
    For now, the main threat comes from hackers, not hostile nations.
    They're trouble enough: 413 intruders broke into U.S. military
    networks last year. That record makes analysts wonder how the Pentagon
    will fend off sophisticated attacks from hostile countries.
    Although the Pentagon spent $1.6 billion on computer defenses last
    year, the General Accounting Office, a congressional watchdog agency,
    criticized it in March for having networks "beset by vulnerabilities."
    The Pentagon has known for several years that its computers are
    * In 1997, it held an exercise called "Eligible Receiver." Teams from
      the intelligence-gathering National Security Agency (NSA) used
      Internet hacker programs to simultaneously break into nine city
      power grids and 911 emergency systems and 36 Pentagon computer
      networks, says computer consultant James Adams, an NSA
      adviser. Systems administrators detected only two of the military
      attacks, he says.
    * In 1998, more than 500 Pentagon computer systems were compromised in
      a series of attacks code-named "Solar Sunrise." The intrusions
      appeared to originate in the United Arab Emirates but eventually
      they were traced through several countries to two California high
      school students and their 18-year-old Israeli mentor.
    * Since March 1998, a group of hackers apparently based in Russia has
      broken into hundreds of Pentagon and other government computer
      networks and stolen thousands of unclassified technical files in an
      operation U.S. officials have dubbed "Moonlight Maze." Moscow denies
      involvement, and the culprits are unknown.

    Beefed-up defense

    The Pentagon recognized that any of those attacks could have come from
    a foreign government. And it concluded that it had to raise the
    digital ramparts. It formed what is now the Joint Task Force for
    Computer Network Operations to coordinate defensive and offensive
    information warfare programs. It has asked Congress for a 500%
    increase in funding, from $3.1 million to $18.6 million in 2002.
    In addition, each service has its own information warfare operations.
    The Pentagon also is trying to figure out the legal consequences of
    IW. If a foreign government hacked into a bank's computers and stole
    billions of dollars, would that constitute an act of war?
    "Even as we have challenged the technologists to develop great tools,
    we are really challenging the lawyers to find the legal framework,"
    says Army Maj. Gen. Dave Bryan, head of the joint task force. "We are
    asking for some new rules."
    There's also the problem of identifying whether the enemy is a foreign
    government, terrorist group or amateur hacker. "Pinning the blame on a
    specific group or nation is tough," Adams says.
    But these concerns have not slowed a rush by militaries to integrate
    this new weapon into their war plans in hopes it will reduce
    casualties. Information warfare "doesn't have the same punch as
    bombs," Kuehl says. "But if it does offer the possibility to drop the
    cost in human life, that's good."
    ISN is hosted by SecurityFocus.com