http://atimes.com/media/DE21Ce01.html By James Borton May 21, 2002 WASHINGTON - Washington's War Situation Rooms are abuzz these days with a score of major flashpoints scattered across the globe, from the Middle East, Afghanistan, Iraq, Iran, Libya, Central Asia and North Korea to Cuba, and has now an issued alert of China's readiness to launch a cyber attack targeting key government computer systems. Alarm bells have not stopped ringing at the Central Intelligence Agency's (CIA) Langley, Virginia, headquarters. The agency has been under an increasing media assault since September 11 for its recognized intelligence failures. It is even more distressing for the multibillion-dollar-funded agency since it is now certain that the White House had been warned as early as last August that Osama bin Laden's al-Qaeda agents were seeking to hijack aircraft. With morale sagging, the ubiquitous and vast CIA appears to be operating on one overloaded circuit-breaker with its patriotic director George Tenet prominently in the crosshairs of terrorists and the US Congress. Incongruous as it seems, another intelligence report or early warning of an attack on the US is not being taken seriously. The insightful findings that China is gearing up for a cyber attack on defense and civilian computer networks in the United States and Taiwan is being dismissed outright as not potentially injurious to any computer networks. The paradox is startling. The Institute for Strategic Studies, run by the US Army War College, released a classified report as an early warning directed to all government policy shapers, the Defense Department, US diplomats and law-enforcement agencies to be vigilant for Chinese student hackers' efforts some time in early summer to spread computer viruses to deface sensitive government Internet sites. This is a disturbingly similar message to that which was issued to intelligence agencies a month before the devastating attacks on the Pentagon and the World Trade Center. "We do use our website for outreach and we are sensitive to its security. But it's important to put the defacing of Web pages in perspective. Admittedly it can be done, even with security measures in place, but it's more akin to vandalism than a security threat," said Dr Steven Metz, director of research and chairman of the Regional Strategy and Planning Department at the Strategic Studies Institute at the US Army War College. It is precisely this kind of denial of any clear and present danger from senior sources at the Pentagon and even the CIA that is causing an increasing firestorm among congressional leaders. This week, Washington's top lawmakers will be pushing for tougher inquiries about last year's breakdown in intelligence communication between the CIA and Federal Bureau of Investigation (FBI). In testimony presented to the US Senate Armed Services Committee last month, Tenet revealed, "I think we have a deep concern that the Chinese are also engaging in activities that continue to be inimical not just to our interests, but that their activity stimulates secondary activities that only complicate the threat we face." Code Red: No longer just a threat No one in Washington has forgotten when Chinese anger spilled over from the streets into cyberspace to protest the North Atlantic Treaty Organization's (NATO) bombing three years ago of the Chinese Embassy in Belgrade resulting in the deaths of three Chinese journalists. At that time, most of the major Chinese media organizations, including the People's Daily, CCTV, Xinhua News Agency, Guangming Daily, China Youth Daily, and Beijing Youth Daily, published extensive coverage of the street demonstrations against the bombings on their websites. As a direct result of that international incident, Chinese hackers broke into the US Department of Energy's website and replaced its homepage with a note written half in English, half in Chinese, which read: "We are Chinese hackers who take no cares about politics. But we can not stand by seeing our Chinese reporters being killed. Whatever the purpose is NATO, led by the USA, must take absolute responsibility. You have owed Chinese people a bloody debt which you must pay for. We won't stop attacking until the war stops." Only a year ago, a successful Chinese cyber attack aimed directly at the heart of America's political pulse knocked out the White House's website for almost four hours. A White House spokesman at that time refuted the seriousness of the action, stating that "there was no security breach, and the attack remains under review". Never mind that it was exactly a year ago, almost in a memorial salute to the Belgrade bombing of the Chinese Embassy, that Chinese hackers defaced more than 660 sites in the US, according to Michael Cheek from the security firm iDefense. US technologies of surveillance, encryption, firewalls, and even viruses have been willingly transferred to Chinese partners in the past several years as part of China's budding efforts to enter the New Economy. Rand Corp's James Mulvenon maintains that such US companies as Network Associates (McAfee Anti Virus), and Symantec (Norton Anti Virus) gained entry to China's market by voluntarily providing China's Public Security Bureau with more than 300 computer viral strains. Although senior Chinese Internet network officials maintain even today that a Code Red worm is far too sophisticated for China to have produced, several senior US analysts strongly disagree and confirm that the technology to launch cyber attacks has already been successfully deployed by China. After all, China has already developed a sophisticated surveillance system to monitor activities on the Internet. The system, which is similar to the data-recording "black box" installed in commercial airplanes, will be able to monitor all communications through the Internet. "Was there a failure of intelligence?" asked House Minority Leader Dick Gephardt. "Did the right officials not act on the intelligence in the proper way? These are things we need to find out." That was the question raised this past week on Capitol Hill. These legislators were not addressing these previous Chinese-inflicted cyber attacks, but rather the enormity of the September 11 tragedy. Intelligence agency aims to boost image The intelligence community, in an effort to boost US confidence in national security, is maneuvering to cast a wider safety net through the newly refurbished Washington naval complex at the intersection of Cryptologic Court and Intelligence Way. The Threat Monitoring Center, housed in a three-story, red-brick building, is an expansive room with a bank of televisions, numerous workstations with computers and nine clocks. Although there are still plenty of empty offices and cubicles, Tom Ridge, the Homeland Security director, states that the facility will soon be manned by representatives of more than a dozen federal agencies, among them the CIA, the FBI, the departments of Energy, Transportation and State and the National Security Agency, posted to alert Americans of any future terrorist attacks. That warning shot has already been issued and few Americans are listening. A report produced by the Strategic Studies Institute titled "Chinese Information Warfare: A Phantom or Emerging Threat?" demonstrates that China has more than an intense and acute fascination with information warfare (IW). Both the National Security Council and the CIA believe that the potential advances in Chinese IW capabilities have direct implications for US national security. Exhaustive research of Chinese information-warfare literature confirms a goal of information dominance. "The Chinese military views cyberwarfare as a way to overcome America's superiority," claims Toshi Yoshihara, a research fellow on security issues with the Institute for Foreign Policy Analysts and doctoral candidate at Fletcher School of Law and Diplomacy. Two years ago, John Serabian, the CIA's information operations manger, revealed in written testimony presented to the Joint Economic Committee that the US was indeed vulnerable to a major cyber attack from China's military inflicting much more injury than just defacing government websites, but creating truly damaging interruptions to the national economy and infrastructure. The "Cyber Terrorism Threat" report does include a carefully worded assessment that the Chinese government or military currently lacks the ability to conduct this intended goal of disrupting Taiwanese computer systems or US military logistics. Some close observers of America's intelligence community believe it is precisely this kind of mixed information, laced with naivete and denial, that fits squarely into the demands made by Senator Richard Shelby, the Alabama Republican who serves as vice chairman of the Senate Intelligence Committee, that a leadership shakeup may be required soon at the CIA. Just as America experienced in 1993 at the World Trade Center a shocking preview of what the entire world gravely witnessed a few years later on September 11, 2001, the next Code Red worm may prove to be much more than just a mere nuisance to government websites. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email email@example.com with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue May 21 2002 - 05:02:52 PDT