Forwarded from: William Knowles <wkat_private> http://www.washingtonpost.com/wp-dyn/articles/A46967-2002Aug21.html By Ariana Eunjung Cha and Jonathan Krim Washington Post Staff Writers Thursday, August 22, 2002; Page A02 The Bush administration is stepping up an internal debate on the rules of engagement for cyberwarfare as evidence mounts that foreign governments are surreptitiously exploring our digital infrastructure, a top official said yesterday. Richard A. Clarke, head of the Office of Cyberspace Security, said the government has begun to regard nation-states rather than terrorist groups as the most dangerous threat to this country's computer security after several suspicious break-ins involving federal networks. "There are terrorist groups that are interested. We now know that al Qaeda was interested. But the real major threat is from the information-warfare brigade or squadron of five or six countries," Clarke said in an interview with Washington Post editors and reporters. The White House last week called in Gregory J. Rattray, an Air Force officer and author of "Strategic Warfare in Cyberspace," to accelerate the process of sorting out the legal and ethical issues surrounding such attacks. In one series of incidents in 1999 and 2000, unidentified hackers downloaded scores of "sensitive but unclassified" internal documents from the Los Alamos and Livermore national laboratories and the Defense Department. Investigators traced the electronic trail back to an unnamed foreign country; officially, the government there denied being involved, but the intrusions suddenly stopped, he said. U.S. officials also believe it is possible that a foreign government helped create the Code Red virus that took control of 314,000 servers last year and directed them to attack White House computers. For the past nine months, Clarke -- who reports both to Homeland Security Director Tom Ridge and national security adviser Condoleezza Rice -- has been preparing a plan that will involve the government, private companies and average citizens in defending against future attacks. This national strategy will be outlined next month in Silicon Valley. Among the recommendations is that Internet service providers for cable and DSL companies package their faster always-on services with "firewalls," or security software that repels outside intrusion and monitors what information is sent out to the Internet. Clarke said many people have connected to the Internet through such services in recent years without being told their computers are open to intruders. "Our goal is not to prevent cyberattacks but to withstand them," Clarke said. Clarke said the country has made some progress in shoring up its defenses since Sept. 11 attacks but it will be years before it can fix the numerous vulnerabilities that have existed on the Internet since its creation. He said the government also is assessing whether some critical computers should be disconnected from the Internet or run on a private network. Federal agencies have increased their information technology spending to $4.5 billion in the fiscal year beginning in October, up 64 percent from the previous year. Major software companies such as Microsoft Corp. and Oracle Corp. have made security a top priority. But companies in other sectors, especially telecommunications, have been slower to respond because of financial difficulties, Clarke said. Meanwhile, Clarke said, more and more countries, especially poorer ones, are coming to see the advantage of cyberwarfare over traditional warfare. Such efforts are less expensive, costing thousands of dollars, compared with billions for a nuclear weapons program. Cyberattacks also are easier to conceal. The specter of a more significant cyberattacks from enemy countries has pushed the U.S. government to explore how far it should go in its own use of technology in war. The U.S. military's use of cyberwarfare so far has been limited mostly to defensive efforts and information collection. After the NATO campaign in Kosovo in 1999, Gen. Henry H. Shelton, chairman of the Joint Chiefs of Staff, disclosed that the military had jammed Serbian computer networks. But Clarke said the United States has yet to engage in a major attack that damages other systems. Clarke describes the situation today as analogous to the dilemma the U.S. government faced several decades ago when it had nuclear capability but lacked rules on when or how to use the weapons. Under the Geneva Convention, the operative international law of war, attacks on noncombatants are prohibited. Thus, a cyberattack on the banking system or electricity grid of a country believed to be helping terrorists would raise unresolved legal issues because of the damage it might inflict on innocent people. "It's okay to blow up a bridge and kill everyone, including civilians" if the bridge is believed to serve a military purpose, said Mark Rasch, a technology security consultant and former Justice Department prosecutor. "But it might not be okay to hack into computer systems" that are not obviously serving a military purpose. And it could be particularly hard to control the impact of an electronic attack. For example, any virus the military might unleash on its enemies would probably spread beyond the target because so many of the world's computers are linked to the Internet. Some officials in the Bush administration also are concerned about creating dangerous precedents by launching the first major Internet attack given that the United States could have with more to lose than any opponent in such a conflict. American businesses and governmental entities depend on technology to a far greater degree than do relatively undeveloped countries and loose-knit terrorist groups -- and retaliation by could be a major danger. "We live in the largest glass house on the street when it comes to that," said Daniel T. Kuehl, a professor at National Defense University, an education arm of the military. Staff writer Vernon Loeb contributed to this report. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Aug 22 2002 - 02:26:40 PDT