[ISN] Fierce cyber war predicted

From: InfoSec News (isnat_private)
Date: Tue Mar 04 2003 - 02:04:21 PST

  • Next message: InfoSec News: "[ISN] Hackers' code exploits Sendmail flaw"

    http://www.cnn.com/2003/TECH/ptech/03/03/sprj.irq.info.war.ap/index.html
    
    March 3, 2003 
    
    NEW YORK (AP) -- Imagine Iraqi commanders getting misleading text
    messages on their cell phones. They appear to contain orders from
    Saddam Hussein but are actually sent by the U.S. military in disguise,
    directing Iraqi troops to a trap.
    
    Or how about a radar that confuses the Iraqi air defense system by
    showing U.S. bombers in the wrong locations, or heading in the wrong
    direction?
    
    Although information operations has been a tool of warfare for
    centuries, the Internet and other technologies are boosting
    capabilities -- and the stakes. Already, the Pentagon has sent
    unsolicited e-mails to Iraqi generals, encouraging them to defect.
    
    "Warfare is less and less about pushing men and machines around the
    battlefield and more and more about pushing electrons and photons,"  
    said Loren Thompson, a defense analyst with the Lexington Institute in
    Arlington, Virginia.
    
    Comments hard to come by
    
    The Pentagon has been mostly mum about what it can do and plans.  
    Military analysts wouldn't reveal specifics, fearful the Iraqis could
    develop countermeasures.
    
    "One thing I can tell you for sure: People who really know about these
    programs can't tell you about these programs," said Bruce Berkowitz, a
    senior analyst with Rand. But Berkowitz did spell out the goals: Shape
    perceptions and get ahead of the enemy's decision-making intelligence
    through spying, jamming and deception.
    
    Chris Prosise, a Foundstone Inc. security researcher formerly with the
    Air Force's Information Warfare Center, said the U.S. military has the
    same tools available to computer hackers. A virus, for instance, can
    create "backdoor" openings for later break-ins.
    
    Information operations could also involve steering Iraqis to
    less-secure communications channels for easier spying, such as by
    destroying the infrastructure required for encryption. That can be
    done with bombs, computer attacks or, perhaps, electromagnetic-pulse
    weapons, which disable electronics with massive bursts of electricity.
    
    During the Civil War, when signal flags were used, Union forces broke
    Confederate coding schemes and diverted the South's troops by planting
    bogus messages, Berkowitz said.
    
    And during World War II, Allies fooled Germans by "leaking" battle
    plans involving nonexistent troops.
    
    Net helps deception
    
    The Internet makes deception easier. Getting away with it, though, can
    be harder. Saddam can check Google for references to an Army division
    or read local newspapers reporting on their units' whereabouts.
    
    "These soldiers are still getting haircuts and shopping, and local
    merchants are going to report massive drop-offs in sales due to troops
    deploying," said John Pike, director of GlobalSecurity.org, a research
    organization.
    
    Sgt. Maj. Lewis Matson, a spokesman for the U.S. Central Command,
    would only confirm two previously used "propaganda" methods.
    
    For months, planes have been dropping leaflets over the "no-fly"  
    zones, warning Iraqi soldiers not to fire at American aircraft and
    stressing Saddam's suppression of the Iraqi people. The 193rd Special
    Operations Wing of the Pennsylvania Air National Guard also has been
    broadcasting recorded radio messages from EC-130E Commando Solo
    aircraft.
    
    One of the six Commando Solos, which can also broadcast television,
    has an antenna for retransmitting live satellite feeds, said Senior
    Master Sgt. Michael Kovach, an electronics instructor with the 193rd
    wing.
    
    Its first use could come in Iraq.
    
    Encouraging surrender
    
    One hypothetical use of such a transmitter could be to encourage
    surrender by beaming into Iraq doctored video of Saddam being
    captured. Such tactics could backfire, however, if a conflicting
    version were to appear via one of the many information sources now
    available -- radio, Internet, satellite TV.
    
    Military officials privately acknowledge that they've sent e-mail to
    Iraqi generals, encouraging dissent and defections and warning against
    following any order to use weapons of mass destruction.
    
    The U.S. Strategic Command, meanwhile, has the Joint Task Force for
    Computer Network Operations available for computer attacks. The
    National Security Agency also has invested heavily in this area over
    the past five years, said intelligence expert and author James
    Bamford.
    
    Bill Sweetman, a contributing editor with Jane's International Defense
    Review, said the U.S. military benefits from its familiarity with the
    Russian computer systems used by Iraqis.
    
    The Chinese-built fiber-optic cables running Iraq's air defenses may
    be harder to penetrate than the airwaves, but military hackers can do
    much more -- and quietly -- once they are breached, Brookings
    Institution fellow Peter Singer said.
    
    Developing guidelines
    
    There has also been talk of disrupting bank accounts through hacking,
    though retired Air Force Col. Alan Campen, an editor of four books on
    cyberwarfare, warns that doing so could hurt the global financial
    system.
    
    "When you're launching a computer attack against somebody, how do you
    know you've got them and haven't hurt yourself?" he asked.
    
    President Bush already has signed a secret order to develop guidelines
    on launching cyberattacks. Once bombs start dropping, Bamford said,
    the military and intelligence communities will likely get all the
    authority they want.
    
    "They'll use this whole thing as a big training ground," Bamford said.  
    "They'll experiment with everything they've been thinking about for a
    long time."
    
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Mar 04 2003 - 04:52:34 PST