[ISN] Cyberspies and saboteurs: Hackers on the payroll of U.S. security agencies

From: InfoSec News (isnat_private)
Date: Mon Oct 08 2001 - 01:08:32 PDT

    Forwarded from: Patrice Boivin <lori.patat_private>
    
    http://www.canada.com/montreal/montrealgazette/story.asp?id={00D3AF24-9BFD-403A-AF2C-A6C9501EEC13}
    
    ALEX ROSLIN
    Montreal Gazette
    Saturday, October 06, 2001
    
    As U.S. Defence Secretary Donald Rumsfeld unleashes a "shadow war" of
    covert special-forces operations against terrorist Osama bin Laden, he
    is sending into action many high-tech warriors who have neither guns
    nor grenades, and whose combat missions won't take them anywhere near
    Afghanistan.
    
    Their brand of fighting goes by the innocent-sounding term of
    "computer network exploitation." Most people would simply call them
    computer hackers.
    
    But unlike rebellious teenagers sitting at their bedroom computers,
    these hackers work for intelligence agencies and have advanced
    training in computer science, math and cryptology.
    
    No government agency in Canada or the U.S. has acknowledged that it
    employs hackers to break into computers. That information is secret
    because the targets of "computer exploitation" are not just terrorists
    like bin Laden and hostile states. The targets can just as easily be
    citizens at home, trade negotiators and diplomats from friendly
    countries, or foreign businessmen bidding against a domestic company.
    
    In this exclusive Gazette report, some of North America's top
    intelligence, military and computer experts talk about how government
    hackers are transforming the Internet into a tool for spying and
    warfare. They say U.S. spy agencies, and very likely Canadian ones
    too, have been hacking into computers for years.
    
    Right now, they say, hacking plays an important role in President
    George W. Bush's war against bin Laden and his supporters.
    
    While this tool is limited by the fact that there are few computers in
    Afghanistan, where bin Laden is said to be hiding, it may prove
    critical in tracking down his bank accounts and business fronts around
    the world, said intelligence expert Jon Concheff, who spent 21 years
    in the U.S. Special Forces.
    
    Hacking, he said, "is a logical and critical adjunct to the revivified
    campaign against terrorism."
    
    Canada's military says it wants to engage in hacking, too. In June,
    one of Canada's top commanders in "computer operations," Colonel Randy
    Alward, announced that the Canadian Forces want to include hacking in
    their military arsenal. Under the policy, military hackers would be
    trained to disable communication systems, destroy electronic
    information and plant destructive computer viruses.
    
    But experts caution that hacking is a dangerous and unpredictable new
    tool.
    
    "I think this is perilous. I'm more worried about what states are
    doing than Mafiaboy," said Ron Deibert, a University of Toronto
    professor who studies the Internet and has been an external examiner
    on computer warfare at the Canadian Forces College in Toronto.
    (Mafiaboy is a Montreal teenager who pleaded guilty this year to
    hacking into U.S. Web sites.)
    
    "When we talk about information warfare, people don't see it applies
    to them," said Robert Garigue, a retired Canadian Forces
    lieutenant-commander, now the Bank of Montreal's vice-president
    (information security). "But it does. We've created this social space
    (on the Internet), and conflict is moving into it. Every decision you
    make is mediated by computer. In that sense, the computer layer
    becomes very powerful when you can manipulate it."
    
    - - -
    
    Computer spying couldn't have been born in a prettier place. Nestled
    into the side of Colorado's majestic 4,300-metre-high Pikes Peak,
    Schriever Air Force Base lies where the rolling plains meet the
    eastern wall of the Rockies.
    
    The facility controls all of the U.S. Defence Department's classified
    satellites, and is home to President George W. Bush's National Missile
    Defence project.
    
    In July 1994, the base saw a history-making demonstration by Kevin
    Ziese, a computer scientist in the newly created U.S. Air Force
    Information Warfare Centre. The top brass was out in force as Ziese
    showed how to hack into a computer system.
    
    He refused to say what he broke into ("I don't feel comfortable going
    into details"), but it is clear the exercise impressed the generals.
    "Once you see a demonstration of how to break into a computer system,
    it doesn't take a rocket scientist to realize it has an offensive
    capability," he said.
    
    Shortly after, the U.S. military created its first organized
    information warfare program to train super-hackers. One of their jobs
    would be computer exploitation, stealing sensitive information and
    leaving enough secret back doors so they can sneak back into a
    computer.
    
    Ziese refused to provide details of U.S. hacking operations, but
    likened them to clandestine special-forces missions now employed in
    Afghanistan. "I would draw an analogy between computer exploitation
    and special-forces exploitation. There are clearly cases where
    (sending in) the special forces makes good sense, but they would be
    relatively few. This would be equally true for computer exploitation,"
    he said.
    
    "Their job is to dig up what's in computers (of groups) that hold
    views that may be harmful to the U.S.," said Hal Gershanoff, editor of
    the Journal of Electronic Defense, a Norwood, Mass.-based monthly
    published by the Association of Old Crows, a group of experts in
    computer warfare.
    
    In bin Laden's case, U.S. government hackers don't have many targets
    in Afghanistan, but they could break into computers of his businesses,
    wealthy associates and followers elsewhere, said Winn Schwartau, an
    information-warfare expert who advises the U.S. Defence Department. As
    well, they could target banks that haven't agreed to collaborate with
    the U.S. by freezing terrorist-linked accounts.
    
    "It would be really stupid of us not to do a computer network attack
    into their systems," he said.
    
    Government hackers can also have a more destructive mission -
    attacking or manipulating sensitive computer networks. This quickly
    becomes computer warfare - what the media sometimes calls
    cyber-warfare. Most experts are loath to discuss such operations, but
    they said hackers can bring a country to its knees and cause as much
    damage as nuclear weapons - shutting down power grids, air-traffic
    control, emergency services and telecommunications.
    
    Ironically, this means hacking is a double-edged sword for countries
    like Canada and the U.S., which are far more vulnerable to being
    attacked themselves than low-tech opponents like bin Laden.
    
    - - -
    
    The U.S. Special Forces soldiers sent into Afghanistan to hunt down
    bin Laden are packing more than rifles and survival gear. They went
    armed with high-tech communications links that would feed them the
    latest intelligence from the U.S. National Security Agency. The NSA is
    so secret that its existence wasn't even acknowledged until the 1970s.
    It's thought to have a budget of over $11 billion a year and to employ
    more people than the CIA and FBI combined.
    
    The NSA's job - like that of its Canadian sister agency, the
    Communications Security Establishment - is to collect signals
    intelligence (SIGINT in spy lingo) by filtering through rivers of
    local and international phone calls, faxes, satellite transmissions
    and E-mail.
    
    Their role was defined by the digital age. Now, instead of passively
    waiting around to catch messages in the sky - known as midpoint
    collection - they could reach through the airwaves right into a
    computer - endpoint collection. Some dub it HACKINT. Intelligence
    historian James Bamford calls it "the most profound change in the
    history of signals intelligence."
    
    "Throughout most of its history, the NSA has been considered as a
    support organization to war fighters. But what the NSA is saying now
    is they won't play the support role. They will play an active role,"
    said Bamford, author of Body of Secrets: Anatomy of the Ultra-Secret
    National Security Agency.
    
    "They will be on the front line in taking offensive actions."
    
    Bamford said much of the NSA's "endpoint collection" is being done
    through a hyper-secretive agency called the Special Collection
    Service, based in Beltsville, Md.
    
    The service was set up in the late 1970s to combine the physical
    penetration skills of the CIA with the technical expertise of the NSA,
    and is jointly run by both agencies, said Washington, D.C.,
    intelligence analyst John Pike. "It's the black-bag,
    breaking-and-entering, Mission Impossible-type agency."
    
    The only inside account of this agency comes from a Canadian, Mike
    Frost, a retired veteran of the Communications Security Establishment.
    In his 1994 book Spyworld, Frost said the mysterious U.S. service,
    known to insiders as College Park, specializes in secret missions from
    U.S. embassies abroad.
    
    - - -
    
    Experts say U.S. spies have secretly engaged in HACKINT for years with
    little public debate. Ironically, its biggest critics are military
    strategists.
    
    "There is a big question (in government circles) as to how far it
    should go," said Roger Molander, a former member of the U.S. National
    Security Council, now a computer-warfare expert at the RAND Corp., a
    think-tank close to the Pentagon and U.S. intelligence agencies. A
    major concern is that government hacking blurs the lines between peace
    and war, he said. "If you get caught mapping out the critical
    infrastructure of an important power grid in an escalating crisis,
    people might view it as an act of war."
    
    Daniel Kuehl, a professor specializing in computer warfare at the
    Pentagon's National Defence University, agreed. "State vs. state
    espionage is an accepted part of statecraft. But what if I insert a
    program in an air-defence system? What line have I just crossed?
    Nobody knows. Have we gone to war? None of the old measures apply
    here. This environment has all kinds of borders we don't understand
    yet."
    
    Another big unknown is the spin-off of government hacking. An attack
    on one country or terrorist group could bring down computers in other
    parts of the world, like a computer virus spinning out of control.
    "After one (computer warfare) exercise, we reacted, 'Oh my God, how
    many systems did we take out?' " said Robert Garigue, the former
    Canadian Forces lieutenant-commander. "It's a very difficult weapon to
    use. It's not as simple as the Americans make it out to be. Have you
    any understanding of what the cascading effects are? It is a naive
    belief to think we can partition this off so we won't be affected."
    
    Tiit Romet, a scientist formerly employed by Canada's Department of
    National Defence who helped develop military information-operations
    strategy, painted a worrisome scenario. "We could show the
    vulnerabilities of the power grid of country X. If we get into a
    conflict - say we want to disrupt the power network in some cities,
    maybe black out hospitals - that's where the ethical questions come
    in. What happens if kids get killed?"
    
    Another problem is that hackers have to conceal their identity by
    invading neutral machines - like those of a university - and launch an
    attack through them. This raises the prospect of spies
    indiscriminately breaking into civilian machines and turning them into
    unwitting hacking devices.
    
    "It's one thing if you're the CIA and you bribe someone to give you
    information. It's another thing if you are actually invading common
    (Internet) carriers to do it. The end result is the same, but you have
    to penetrate an awful lot of systems that are commonly used," said
    James Bamford, the intelligence historian. "The question gets raised,
    'Where will they do it next? What restrictions are there?' "
    
    Just as troubling, say experts, is the lack of public scrutiny and
    legal restrictions. "The people doing it don't like to admit they are
    doing it. I don't think there has been any (Congressional) oversight
    at all," said Peter G. Neumann, an eminent Silicon Valley computer
    scientist and privacy expert who has testified to Congress on computer
    security. "It's a very delicate business. You're on the tip of the
    iceberg here."
    
    - Some related Web sites you can visit:
    
    - www.efc.ca. Electronic Frontier Canada, a privacy watchdog in
      Canada.
    
    - www.epic.org. Electronic Privacy Information Center, a U.S. privacy
      watchdog.
    
    - www.wirednews.com. The latest news from the electronic frontier,
      including lots of privacy coverage.
    
    - www.oss.net. This is former CIA officer Robert Steele's site with a
      wide-ranging choice of intelligence documents.
    
    
    