posted on Dec, 15 2002 @ 07:57 AM
Can you imagine war without a front line, fought on a screen, not on a field?
One day a war will be fought without firing a shot. It will be an information war, waged by attacking enemy computers, software and electronics that
control everything from traffic lights to intercontinental missiles. It's called information warfare, or cyber-war if you prefer, and preparation
for it is a lot more secretive than for conventional fights with tanks, guns and bombs. It's even possible that we're already in a sort of
information cold war, with opponents testing each other's defences, ready to make plans for attack if things turn awkward.
As vital parts of everyday life are increasingly controlled by computers, and with more and more of these computers linked to the Internet, they're
looking dangerously vulnerable as a focus of attack. If you can cause computer programs or the computers themselves to malfunction, then the system
they control aren't going to work properly. Military installations are obvious targets so they'll tend to be reasonably secure. But think of the
possible civilian targets: traffic light control across a city; railway signal network; power station; gas, oil or water pumping stations; petrol
tanker or super tanker and supermarket delivery truck schedulers; air traffic control systems; Internet service providers; and radio or TV stations.
Shut a few of those down and a modern city or even entire country could grind to a halt, causing mass confusion and economic disaster to the enemy
without the need to physically invade or fire a single cruise missile.
The good thing about cyber-warfare is that in most cases there won't be direct human casualties, though their will inevitably be some, from say
traffic accidents, if you switch off the traffic lights. The effects are repairable, which seems a good idea when, as in Serbia and Afghanistan, the
victorious side is obligated to provide aid to pick up the pieces. If you blow up an enemy power station it stays blown up until someone builds a new
one. If you scramble its software it will be out of action for a few days (or weeks if its operators haven't been backing-up properly), and you can
probably keep on scrambling it until the war is over or the other side learns cyber-security.
On the other hand, there are some military targets that you'd want to shut down the old-fashioned way. If you corrupt a radar fire control computer,
the enemy only has to dust off the back-ups and reboot. If you blow up a radar command and control centre there's no worry about it coming back
Cyber-attacks have been happening since at least the 1980's. In 1986 US astronomer Clifford Stoll stumbled across unauthorised Internet accesses to
his university's mainframe computer. After a good deal of cyber-detective work he tracked down a west German 'Cracker' called Markus Hess, who was
apparently being paid by the KGB to spy on US military computers. Hess was arrested and Stoll wrote Cuckoo's Egg, a book about his cyberspace
Since the web took off in 1993, the public use of the Internet and e-mail has become near universal and many businesses could not operate without it.
But as the Internet has grown, so has the number of malicious attacks upon it. As many of us have experienced at some point ourselves. Some of these
are just silly pranks, the equivalent of digital graffiti; others are serious attempts to steal money or information. The US pentagon military HQ
repels thousands of online break-in attempts every year. Most amateur hackers inspired by the far-fetched 80's cyber-flick War Games, but some may
be real enemy spooks.
If you have encountered security problems with people hacking into your computer like I have and have looked in to hacking learn how it is done you
can appreciate how easy it is to hack.
Everyone knows about email viruses that quickly spread around the world - the 'ILOVEYOU' attack on Microsoft Outlook users in 2000 was particularly
famous - but these are usually traced back to attention-seeking geeks. Organised attacks by government agencies are likely to be far less
The first know virus attack was the Unix Worm of November 1988, which shut down Internet-connected computers all over the world - though at the time
the Net was mainly used by universities, science labs and military. The Unix Worm was traced to computer science student Robert Morris JR. He
hadn't intended to do much damage and even emailed a solution when he realised what had gone wrong but his prank alerted computer users to the
dangers - and possibilities - of deliberate attacks. Since that first attack there have been increasing numbers of calculated assaults on the
Internet, and not just by amateur hackers. The US has admitted to running some cyber-attacks on Serbia during the last ten days of the brief air war
in 1999. No details have ever been released, though it was thought the attack was intended to confuse and blind anti-aircraft defences. Serbia in
turn is said to have attempted to penetrate US and NATO computers thoughout the campaign, but there's no official word on whether it ever succeeded.
Chinese hackers apparently also tried to attack US computers in revenge for the accidental bombing of the Chinese Embassy in Belgrade.
Two years later, in May 2001 diplomatic crisis, a US spy plane landed in china following a collision with a fighter. Angry American and Chinese
amateur hackers claimed they would attack the other's computers assets, but it seems that no damage was done beyond defacing a few website homepages.
More recently, American amateur hackers have been publicly hacking suspected terrorism-supporting websites since September 11 2001. Meanwhile US
intelligence agencies such as the CIA have been quietly combing trough websites and e-mails world-wide looking for Al Qaeda traces.
So far, government-sanctioned cyber warfare seems to be the playpen of spies and spooks rather than armies and air forces. The US FBI has a system
called Carnivore, equivalent to a telephone wiretap that works on Internet Service providers servers to intercept all Internet traffic going to a
suspect's address. This requires the ISP's co-operation - presumably there are other systems for doing it sneakily. In Britain a law has been
passed that requires ISP's to co-operate in police surveillance of Internet traffic. The FBI is also developing a program called Magic Lantern,
which can invisibly download itself like a virus to a suspect's computer, where it records all keystrokes (including passwords) and reports back to
base. There are also at least two hacking programs available free over the Internet that can remotely control Windows computers, including recording
passwords, reading and deleting files. The US NSA supposedly has a global telephone taping system called Echelon that can listen into millions of
call and automatically identify suspect words and perhaps voices. The NSA has never admitted to this, but a European Union investigation concluded in
2001 that Echelon exists - the EU's objection is that it could also be used to spy on business interests as well as military or terrorist targets.
Code Busters at GCHQ
British governments characteristically won't talk about security matters, but you can bet they're also developing cyber-snooping and attack
techniques. If Britain has anything similar to Echelon it would probably be operated by our friends at GCHQ in Cheltenham.
GCHQ is the modern name for the government code and Cipher School (GC&CS), whose famous 'Station X' at Bletchley park cracked the German Enigma
codes during WWII and invented the Worlds first programmable computer (called Colossus) to speed things up. Even its retired staff kept the whole
thing secret until the 1970s, after which the history books literally had to be rewritten because so many allied victories turned out to have been
helped by knowing exactly what the Germans were up to. GCHQ is apparently still expert in Encryption and Cryptanalysis. In 1973 GCHQ staff invented
a super-secure public/private key computer data encryption system and still haven't breathed a word about it - even after US computer researchers
independently had the same idea in 1976, then published it and took all the credit. Today you can download something similar called PGP (Pretty Good
Privacy) for free from the Internet. For years the US government tried to block the most effective 128-bit encryption on programs (such databases,
email and web browsers) exported outside the USA, on the grounds the letting a near-uncrackable code fall into enemy hands was bad for national
security. This proved a losing battle; anyone who really wanted could visit the USA to get hold of the code perfectly legally, then sneak it home.
Anyway, other countries could, and soon did, invent their own 128-bit codes, so by 1999 the US gave up. The code-breaking war is now progressing into
realms that seem just like science fiction. Modern codes are mainly based on multiplying very large numbers in a way that takes even the most
powerful computers years to crack (hence the business with the 128-bit codes). Computer researchers are developing really weird quantum computers,
where spinning atoms can calculate all possible answers to a mathematical code practically instantly and deliver the correct one. So far the
prototype quantum computers can only code with small numbers, but the possibility of models that work with large numbers is scaring the pants off
anyone who relies on secret codes. Other people are trying to develop quantum codes that they reckon will be unbreakable.
Even if an enemy has put lots of computer security in place, kept important computers off the public Internet and succeeded in keeping all passwords
totally secret, it's still possible to knock out vital installations deep in enemy territory. You could bomb them of course, but many of the
installations will be in civilian areas where it's important to avoid casualties.
So what's likely to appear over the next few years is the so-called E-bomb, a small and remarkably cheap weapon designed to produce an intense
Electro-magnetic pulse (EMP) when detonated over the target. There won't be any fatal explosive effect, but for electrical equipment it'll be like
a lightning strike. A huge electrical surge is transmitted into any electrical circuits or power lines within range, causing them to overload and
burn out. Microchips are vulnerable due to their tiny delicate circuits. The first EMP's were created accidentally by nuclear bomb tests in the
1960's. One particular big American bang over the Pacific in 1962 knocked out radio stations 1,200 km away in Hawaii, leading to the 1963
international treaty that bans aboveground testing of nuclear weapons. It's been calculated that detonating a largish nuclear bomb 200 miles above
say, err, Kansas (sorry if you're from Kansas), wouldn't cause any explosive damage on the ground, but would generate an EMP that would knock out
vulnerable electronics over the whole of the US. Using nuclear bombs for EMP would be very much a last resort, but it appears military developers
have been busy working on non-nuclear E-bombs that are effective over a very small area - say a military base or a few city blocks. They would be
small enough to put into a small rocket or precision-guided aircraft bombs and would be detonated a few hundred metres over the target, producing a
focused EMP that point's straight down. The worrying thing is that E-bombs are now simple enough for terrorists to build. Military electronics and
some critical civilian systems are now 'hardened' against EMP's with protective metal cages and circuit breakers that stop any surges.
Fibre-optical cables are EMP-proof too. But a well-placed EMP attack could knock out many civilian electronics and computers causing a country to
grind to a halt with minimal casualties. Secret weapons only work as long as the enemy isn't aware of them. Once you know there's a threat you can
take steps to protect yourself and this will be as true of cyber-wars as traditional blood and guts wars. You've also got to pick your target with
care - hacking only works if the enemy is dependent on computers and microchips.
In the Worldwar series of 'alternative history' science fiction books by Harry Turtledove, a fleet of alien lizards turn up in flying saucers,
park in Earth's orbit and let off a few nuclear bombs, miles up in the atmosphere, so the Electro-magnetic pulses will fry the microchips in the
Earthling's computers. They settle down and wait for civilisation to grind to a halt. Except it doesn't because the lizards have arrived in 1942
and nobody's invented microchips yet - the electronic valves used in 1940's radios, radar and computers being unaffected by electromagnetic pulses.
Maybe the infallible defence against cyber-wars will be a return to good old-fashioned wireless. I certainly think so.