[ISN] Chaos: The Coming Technology War

From: InfoSec News (isnat_private)
Date: Wed Sep 26 2001 - 01:40:53 PDT

  • Next message: InfoSec News: "Re: [ISN] E-BOMB"

    Tim McDonald 
    September 25, 2001 
    Chances are that you won't see the next war start live on CNN, as in
    the 1991 Gulf War. Nor will your early warning signal be the emergency
    broadcast beep going off on your television or radio. So how will you
    know it's started? There will be some clues.
    Your pager won't work. The movie you're watching on HBO might suddenly
    go blank while the cable connection seems fine. Or your ATM machine
    will kick back your debit card for no apparent reason.
    In 1998, the Galaxy IV satellite that was orbiting the earth suddenly
    malfunctioned. About 80 percent of the pagers in the U.S. quit
    working. Cable and broadcast video feeds also shut down, while credit
    card authorization networks and other communication systems failed for
    Space: The 'Irresistible' Target
    The official explanation was that it was simply a malfunction. But,
    was it? And will it be next time? Only days after the incident, the
    official Chinese news agency Xinhua ran an article that said, in part:
    "For countries that could never win a war by using the methods of
    tanks and planes, attacking the U.S. space system may be an
    irresistible and most tempting choice."
    It wouldn't take much to disrupt and even immobilize the U.S.
    satellites upon which the country's military, government and
    commercial interests are increasingly dependent. All that would be
    needed is a rocket that can reach outer space, with some aiming
    capability, and a small nuclear warhead.
    China easily has such potential. So does Russia. And so do Iran, Iraq
    and North Korea. And, perhaps scariest of all in the current crisis,
    so does Pakistan.
    A 'U.S. Crusader' Virus?
    The only thing upon which defense experts agree with respect to
    information technology and its place in future conflicts is that it
    will be used somehow, some way. There are an infinite number of
    Computer viruses are commonplace now, though almost always relatively
    unsophisticated. They could become more specific, however, and be
    directed at narrower targets.
    For example, a "PLO virus" was developed at Hebrew University in
    Israel. In Japan, hackers invaded the computerized control system for
    commuter trains, disrupting major cities for hours. Italian terrorist
    group the Red Brigade specifically spells out how to take out computer
    systems and installations in its manifesto.
    In Ireland, Sinn Fein supporters posted details of the British army
    intelligence operations in Northern Ireland on the Internet, and they
    weren't even in Ireland when they did so -- they were working from the
    University of Texas at Austin.
    Electric power grids, oil and gas pipelines, vital communications
    systems, sensitive data -- they're all becoming more and more
    computerized and centralized.
    "Thirty years ago, terrorists could not have obtained extraordinary
    leverage," said Robert Kupperman, terrorist expert and chief scientist
    of the U.S. Arms Control and Disarmament Agency. "Today, however, the
    foci of communications, production and distribution are relatively
    small in number and highly vulnerable."
    Kupperman made that statement in 1977.
    Air-Breathing 'Jetscrams'
    What are we doing about it? The U.S. is preparing itself with a number
    of measures that range from the subtle to the spectacular. One of the
    most spectacular is NASA's Hyper-X project, featuring 12-foot-long,
    unmanned, air-breathing X-43A "jetscram" aircraft launched from F-15
    fighter jets that are capable of hunting down and destroying foreign
    satellites that threaten ours.
    Its targets could be as small as 20-pound "nano-satellites" loaded
    with sophisticated equipment and capable of jamming U.S. satellite
    transmissions with electronics or even lasers. Pakistan is only one of
    the countries working on such technology.
    There are other, less spectacular ways that could eventually be more
    effective. For example, the Federal Computer Incident Response Center
    plans to revamp a system that automatically sends security patches to
    civilian agencies, hoping to find a cheaper and easier way to protect
    systems against malicious viruses.
    Protecting Software
    On another front in the tech war, the National Science Foundation
    announced this week that it will create a new research program
    designed to upgrade the basic security level in commercial technology
    used by government and industry.
    "It is a necessity to ensure that future information systems not only
    behave as expected, but more importantly, continue to produce expected
    behavior and are not susceptible to subversion," the NSF said in its
    In addition, Georgetown University and the Terrorism Research Center
    maintain an information warfare database where incidents of suspected
    foreign invasions of information systems can be reported.
    "Information warfare attacks are occurring with increasing frequency
    and it is vital that a dynamic resource exists to track their
    incidence," the site says.
    Who? Us?
    There is also the chance you may not know about a U.S. response to an
    act of foreign electronic warfare. A paper by the Terrorism Research
    Center, headed by Matthew Devost, recommends a digital integrated
    response team (DIRT).
    The idea is for the U.S. to have its own, secret group of information
    warfare terrorists, sanctioned by executive order and scattered around
    the country in secret "cells."
    They would constitute a kind of "digital Delta Force," the paper says
    -- an offensive strike force capable of inflicting chaos on an enemy's
    electronic infrastructure. Such attacks would be cloaked in anonymity
    for security and other reasons.
    The paper concludes: "Such a response offers ultimate plausible
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Wed Sep 26 2001 - 04:00:16 PDT