It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Beware the potential for digital war

page: 1
0
<<   2 >>

log in

join
share:

posted on Feb, 3 2003 @ 08:34 PM
link   
While ATS was down, I met up with a long-lost associate who was recently a military advisor who participated in information warfare "what-if" exercises that the Pentagon and the White House ran in the late 1990s.

"If a hostile group ever attacks the U.S. through the Internet and takes out a telecom firm, we'll be in a state of war," my friend told me. "All bets are off. The Fourth Amendment could be on hold. If EarthLink is attacked, the Army could show up and seize control of their servers." That was news to me. Might a shadowy corps of U.S. digital-soldiers be ready to defend your e-mail in-box from an angry force seeking revenge for a strike on Iraq? Would using the military to defend U.S. companies even be legal? Or is Winston now living a bad knockoff of a Tom Clancy novel?

It turns out that the best thinking about cyberwar remains in flux, even after military wonks and nicely compensated Beltway contractors have spent the better part of a decade noodling over it. The reason: We're still waiting for the first real cyberwar between nations to take place.

Public debates go back at least as far as 1995, when Richard Aldrich, an Air Force staff judge advocate, wrote a paper called "The International Legal Implications of Information Warfare." He pointed to how the staid Law of Armed Conflict , formalized in the 1949 Geneva Conventions, doesn't jibe well with communications that are digital, global and difficult to trace. An implication is that it may not be permissible for a nation to deploy blunt offensive tactics like the recent Sapphire worm that snarled SQL servers -- unless the crack was crafted to disable only legitimate enemy targets, it would violate international law.

The Pentagon continues to do what it always does best: It has institutionalized and bureaucratized the study of computer warfare, making it a part of the larger field of so-called "information warfare". The Navy's Fleet Information Warfare Center has added "computer network defense" to its charter, and the Naval Postgraduate School conducts "red team" intrusion exercises for students.

A very serious problem that governments and corporations face is that the appropriate response depends on whether the culprit is a malicious hacker, a terrorist network--or the dictator of Iraq keyboarding furiously from a bunker deep below Baghdad. Most often, the source of an in-progress attack is unknown until a postmortem examination is completed. Depending on the source and the intent, the same type of intrusion could be anything from a criminal offense or a declaration of war.

I believe the threat of so-called cyberwarfare, while certainly real, may be overhyped: True, it's possible for electronic intruders to damage infrastructure, but seizing control of systems from the outside is extremely difficult -- often impossible -- and usually requires inside knowledge.

President George W. Bush and the executive branch would have surprising authority to respond to electronic onslaughts. The theory of the Constitution was we don't like war. Before the president can make a decision to go from peace to war, he needs to have the permission of both houses of Congress. But if we are attacked, as commander of chief, the president wields executive power and does not need approval from Congress to initiate a defense.

In other words: If things get bad enough, perhaps say goodbye to civil liberties for a while, including the Fourth Amendment's protection against "unreasonable searches and seizures." The Supreme Court has always held that what is reasonable depends on context. If you're in a situation where people are being killed and you're trying to save lives, you can be more intrusive... Protecting the state is a higher duty. To say otherwise is to sacrifice the ends to the means. If you're unwilling in times of crisis to depart from the law, and you lose your freedom, you've done no service to anyone.

But even though a successful electronic attack is implausible, we should still remember to remain skeptical about governmental overreaching in times of apparent crisis. Once gained, additional surveillance power is not readily relinquished, and new data-mining centers like the one Bush has proposed bear close scrutiny. In such a case, even an unsuccessful attack could result in the kind of disruption the attackers are hoping to accomplish.


Comments?



posted on Feb, 3 2003 @ 11:00 PM
link   
The Clouds of Digital War. Will the Next Terrorist Attack Be Delivered Via Cyberspace?

July 8 Many security experts fear that the next big terrorist strike against the United States
might be on and through the Internet and other vital interconnected computer networks.

And the suspected attacks won't just deny Net surfers access to their favorite Web site or increase the risk
of damaging computer viruses through e-mail. Rather, experts say the next cyber attack could actually lead to
physical damage to real-world targets.

For example, terrorists might decide to take out the nation's telecommunication networks by
modifying the software of computers that control the switching network. Or, they might work
their way into the digital software systems that help air traffic controllers guide the thousands
of planes that fly over U.S. cities.

"It was unthinkable almost a year ago in the general public mind that a common airplane would
be used in attacks against buildings," says Simon Perry, vice president of security for Computer Associates in Islandia, N.Y.
"It's the same here. IT [information technology] will be used to attack the physical world."

Evidence of Possible Training

Sound farfetched? Perhaps.

But evidence is mounting that such cyber warfare may be on the minds of al Qaeda terrorists.

As first reported in CIA secret documents and later confirmed by Anti-Terrorist Operations Group . Investigators have discovered
there have been numerous anonymous probes over the Internet for information regarding the nation's emergency phone system, water-distribution networks,
and power grid all critical parts of the U.S. infrastructure.

Perhaps more disturbingly, officials also confirmed to Anti-Terrorist Group that some of these "probes" were focused on "digital switches"
devices designed to allow authorized personnel to monitor and control various aspects of a complex network of machines

Vulnerable Switches?
Perry says these control systems used to be "esoteric systems" ones that used proprietary interfaces and computer languages and were accessible only to those who were trained in their specific designs.
But many such control systems are now based on the same UNIX software and communication protocols used by computers that are widely connected to the Internet. And while most control systems aren't connected directly to the Internet or accessible through a simple Web page, they are connected to other computer systems that typically are available online.
And there have been cases where others typically disgruntled former employees or other malicious insiders have used such hidden, but still-vulnerable systems for their own exploits.
Peggy Weigle, chief executive officer of software security firm Sanctum in Santa Clara, Calif., notes that just such an incident occurred a few years ago in Australia.
In that case, a former employee of a water-treatment plant had managed to gain control of the digital switches and secretly reversed the flow of fresh and sewer water. (The employee had hoped that the company would hire him back in order to solve the problem.)
While such incidents have been few and isolated, some security experts worry that it won't remain so for long.

A Mix of Old and Digital
"We've been talking about this kind of [threats] for months," says Weigle. "Just by looking at the organizations we've been involved with financial institutions, water-treatment plants, power plants they are all vulnerable to attack."
And Weigle believes that the power of such terrorist attacks could be devastating especially when coupled with an attack using conventional means.
"Let's say they launch an attack on a power station," says Weigle. "Someone's going to call into the 911 emergency system. A lot of these [phone] systems are based [on computer protocols]. Can they be hacked? I think so. How long would it take people to figure out the right information on what was going on and what was wrong?"
But some say that such wide-ranging network attacks while possible are extremely difficult to pull off.
"It would still be fairly difficult [to] break in and jump through different switches," says William Tang, chief executive officer of Digital Security Consulting, an Arcadia, Calif., company that advises the electric power-generation industry. "There are some process controls, if you decide to throw all 500 switches that control
the power in Southern California, it could alert a human before it does that."
Other experts note that companies and public institutions aren't exactly unaware or insensitive to the threats of Internet security.
George Hellyer, a director at security consulting firm JANUS Associates in Stamford, Conn., says that the years of attacks by hackers with viruses and the recent unconventional attacks by terrorists have stirred some movement by the public and private sectors.
When it comes to addressing network security issues, "we've seen changes over the last several years," says Hellyer. "They're thinking outside of the box and addressing what we thought was unthinkable is now possible."

Keys to Survival
However, Hellyer and others note that awareness is just the beginning and that both the government and the corporate world still have a lot of work to do when it comes to preparing for and preventing a cyber attack using the nation's information and support infrastructure.
For one, many believe that while corporations are paying attention to the threats against their networks, they aren't spending nearly the amount they should be on security solutions.
"When you work out the percentage of corporate budgets spent on IT security, it's less than 1 percent," says Computer Associates' Perry. "Most organizations spend more on coffee that IT security." By Perry's estimation, companies should be spending at least 100 times more on security measures.
And the money that companies do spend on network security shouldn't go to just technology solutions such as firewalls or network intruder detection systems, but toward hiring smarter, security-savvy people who will actually manage the various networks.
Over the last two years, the number of computers added to the Internet has more than doubled from 71 million to more than 146 million, says Alan Paller, director of research at the SANS Institute, a network security information clearinghouse in Bethseda, Md.
"Yet, there has only been about 25,000 people who can even spell 'security' that have been added in those two years," says Paller. "We need to up the security skills of these [network engineers]. And that's not going to happen overnight."



posted on Feb, 3 2003 @ 11:13 PM
link   


I believe the threat of so-called cyberwarfare, while certainly real, may be overhyped:


overhyped? Not likely ....




True, it's possible for electronic intruders to damage infrastructure, but seizing control of systems from the outside is extremely difficult -- often impossible -- and usually requires inside knowledge.


Often impossible? Extremely difficult? Again, not likely.

Winston,

What's the first few thing's you do when initiating an attack? I doubt you even know .... The step's taken make the task easier than you could imagine.

[EDIT] --// An experianced hacker wouldn't have too many difficulties. Someone new to hacking might get frustrated, but could still pull it off if he has enough patience. \\-- [END]

[Edited on 4-2-2003 by e-nonymous]



posted on Feb, 3 2003 @ 11:15 PM
link   
TRoT,

Where'd you get that from? Very interesting read, especially since it's all very very possible if someone really wanted to do it.



posted on Feb, 3 2003 @ 11:31 PM
link   
The more digitised a society the more vulnerable it becomes to 'digital' attack. Whilst only a 'nightmare' at the moment, the capbility is almost certainly there to cripple western civiliastion. Small groups can carry out attacks from afar and anonymously which could cause damage an order of magnitude greater than 9/11.
After reading reports over the last 2 decades of what hackers ( individually or in small groups ) have accomplished, it is scary to think what a coordinated effort may achieve. There almost certainly ( in the near future ) will be a gifted individual who is fanatically anti-US, with the capability to carry out these attacks. As far as I know, no system is invulnerable. The only safeguard would be to have critical systems isolated from outside communication.

I was wondering as well, would the NSA be able to crack commercial encryption programs ?

[Edited on 4-2-2003 by mad scientist]



posted on Feb, 4 2003 @ 05:21 AM
link   
mad scientist,

It's not just the western (USA) that would be crippled. It's every part of the world connected to the internet that's going to get screwed as well. You think the terrorrist's will stop with the USA? Do you think the USA won't retaliate? What if the terrorist's made the attack look like it was comming from your computer and get's our government to attack you instead? They could do this. Hell, if I looked into how, I could bounce my IP off your's and post here with your IP if I had it. Don't believe me, then U2U me your IP and we'll have the mod's check when I've done it!
Might take me a few day's to get it right, might be able to do it tomorrow!


Of course the NSA can crack ANY commercial or non-commercial encryptian program. The US government isn't stupid ... They kinda ... make it their point to know certain thing's ...

But I'm serious, U2U me your IP and I'll show you how easy a terrorist could make an attack look as if it were comming from you.



posted on Feb, 4 2003 @ 07:43 AM
link   
IP spoofing may indeed make it appear as though your web and e-mail access is indeed routed different than reality, it isn't a reliable mask for an outright attack. The slave system you conquer will undoubtedly have traces of your intrusion (I've seen it). Back-tracing to victim zero isn't difficult for standard tactics.

E-nom, you seem so certain with what is, what is not, and what is likely to be possible. Have you ever been involved in hardening security against attack? Have you ever traced an attack to the individual that launched it? You display the typical bravado of the hacker culture, a bravado which very often results in capture.

While TRot's post (written by Mr. Paul Eng, a technology writer for ABC News) is essentially accurate, I doubt that an outside digital attack would target the crippling of actual "real-world targets" (as if digital targets are less real). A focused Internet infrastructure attack could cripple the economy much more readily. Imagine the immediate stock market effect if an attack were to cripple backbone switches.

The sad thing is, real hardened security is not too difficult, but the Internet and associated initial software were designed with full-share utopian ideals... almost a purposeful back-door for those who think of such things.

You could certainly have my home IP, but there's nothing you could do with it, other than scan and hope. You'll find a Linksys router that denies most ports, and provides NAT security and WEP encryption. It's configured to automatically request a new IP from our ISP when it sense a port scan. And on the other end of that are Macintosh OS X computers. Very secure.



posted on Feb, 4 2003 @ 05:34 PM
link   
Winston,

IP spoofing is different from IP bouncing. With IP spoofing, your just tricking your target into thinking your comming from somewhere else. With IP bouncing, your target doesn't even see you. And won't, unless whomever your bouncing off of keep's log's. Let's face it, the average internet user does NOT keep log's. So, if I were to use your IP to bounce off, and launch an attack on the forum's here, once the mod's fix everything and find out how did it, they'd point their finger's at you. Now, if you keep good log's, their's a chance you could prove your not the culprit. But!!! What if I decided to use an anonymous proxy that didn't cache (log) whomever used it? Sure, you've proved you didn't do it, but the person who did (me) remain's unknown.




Have you ever been involved in hardening security against attack?


Yes, I have... Every sunday around 8pm EST. It's quite a challenge too. Seem's like the person who's attacking alway's has a way in... no matter how secure you think you are.




You display the typical bravado of the hacker culture, a bravado which very often results in capture.


Hmmm... I could prolly get captured, but only if I've done something illegal. I would never do any illegal hacking myself. Every form of hacking/cracking I do is completly legal. Can't get in trouble for that!





I doubt that an outside digital attack would target the crippling of actual "real-world targets"


And imagine the amount's of death and destruction if a terrorist took this route.... Terrorist's don't usually target economies, they kill people. Not your wallet ...




You could certainly have my home IP, but there's nothing you could do with it, other than scan and hope. You'll find a Linksys router that denies most ports, and provides NAT security and WEP encryption. It's configured to automatically request a new IP from our ISP when it sense a port scan. And on the other end of that are Macintosh OS X computers. Very secure.



OOOOOO!!!!!
Is this an open invite?!


I wouldn't do anything to your computer. I promise! I like a good challenge! If you really wouldn't mind, I'd like to try it. We can see just how secure you really are, and IF I do find a way in, I'll let you know so you can patch it up... Hell...I'll even patch it for you while I'm in there! lol
U2U me your IP if your ok with it....



posted on Feb, 7 2003 @ 04:56 PM
link   

WASHINGTON FEB. 7. The U.S. President, George W. Bush, has signed a secret directive ordering his administration to develop a national-level guidance for determining when and how America should launch cyber attacks against `enemy' computer networks, officials said.

Similar to the strategic doctrine that has guided the use of nuclear weapons since World War II, the cyber-warfare guidance would establish the rules under which the U. S. would penetrate and disrupt foreign computer systems, the Bush Administration officials were quoted as saying by the Washington Post.



Full Story: Click Here



posted on Feb, 7 2003 @ 11:43 PM
link   
Why not attack our enemies on every front.

Last night I saw a news story about an Al Qai'da website that shows their members targets around the world. They have pics detailing security of the targets. Al Qai'da is using this website as a cyber-meeting place and intel point for the worldwide network.

We should tear down that website right now and trace their members down. Hopefully my friend working at the Information Warfare Center will unleash his computer science knowledge on these thugs and make their effort worthless.



posted on Feb, 8 2003 @ 07:10 AM
link   
Attacking a computer network is currently illegal.

How do we define when a cyber attack is a "legal" act of war.

And Mr. secret agent, how will you protect friendly networks from the potential fallout of attacks on unfriendly networks?



posted on Feb, 8 2003 @ 10:51 AM
link   

Originally posted by e-nonymous
TRoT,
Where'd you get that from? Very interesting read, especially since it's all very very possible if someone really wanted to do it.


E, I get this information from alot of different sources. Yeah i do know it is very possible, as someone is going to do it.



posted on Feb, 8 2003 @ 12:07 PM
link   

Originally posted by William
Attacking a computer network is currently illegal.

How do we define when a cyber attack is a "legal" act of war.

And Mr. secret agent, how will you protect friendly networks from the potential fallout of attacks on unfriendly networks?


Quit with the secret agent BS. I haven't said anything classified here and I won't in the future either. Sorry, but you're going to be left out in the cold with my classified knowledge.

As for this thread and aside from your personal attacks...taking down the enemies' computer systems is not illegal in a WAR. So you think taking out Abdul's terrorist webiste is illegal, yet it's not illegal to kill Abdul??? Very funny.

You worry about the fallout on our computer networks??? You honestly believe these terrorist computer specialists that we're targeting aren't planning to do the same to us??? So you're saying we shouldn't attack them because they might attack us. Did we fly any hijacked airlines into buildings in the Middle East??? Using your logic I must've missed this news story that created the 9/11 attacks.

[Edited on 8-2-2003 by MT69]



posted on Feb, 8 2003 @ 02:27 PM
link   
For now, MT69 is banned...

however, to respond to this point...

The nature of the Internet makes it very hard to differentiate between a friendly and unfriendly network. This is why worm and replicating virus attacks have become so successful. Apparently he misunderstood the nature of my question. Attacking a computer network will be something like blowing up a bomb in the sewer... sh!t will come out where you don't expect it.



posted on Feb, 8 2003 @ 07:18 PM
link   
...And that's when the compost connects with the rotary oscillator...


See, that's the problem with people today (& politicians in particular)...They have no concept of the true consequences of their actions. They may be doing what they think is right (according to the finite amount of knowledge & experience that they have) at the time, but who can truly foresee all of the ramifications before the act is performed?



posted on Feb, 8 2003 @ 08:23 PM
link   
I, though not proud of it and NEVER bragg about it, have taken control of a personal computer. The victim really had no control over what i was doing while he/she was connected to the internet.

The simple solution was to disconnect their internet connection but they didn't. It makes you think though, if a terrorist organisation did seize control of a system, physical intervention (in laymans terms removing any wires connecting them to said network) could solve it. Surely, no matter how advanced their computer system was, pulling out a wire must stop it.

Even if the system needed a constant network connection, there would be measures to get around such a situation. Feel free to flame me if i'm wrong. I'll take it on the chin


Take too long however, and the damage is already done. The compost has already connected with the rotary oscillator and you're left with the mess.

[Edited on 9-2-2003 by tandino]



posted on Feb, 8 2003 @ 11:59 PM
link   
This MT69 character must be caught, he has given away too many secrets.



posted on Feb, 9 2003 @ 02:38 PM
link   
First, there was no need to ban MT69.

Second, can anyone clue me in on the addy to the site he was talking about!?

Last but not least,




How do we define when a cyber attack is a "legal" act of war.


In a war situation, you agree killing th enemy is legal, right? Else, why the f*** would we do it? In a war situation, the defacement of your enemies website's that reveal strategic information on proposed targets, would prolly be a good idea to shut down. This is one of the reason's cyber war is being looked into. Ther are many other way's to conduct cyber war, and in a wartime situation, the issue's of legality are thrown out the window... it's a war for god's sake ... Tell me ONE thing about a war that IS legal


TRoT,




E, I get this information from alot of different sources. Yeah i do know it is very possible, as someone is going to do it.


How do you know someone is going to do it? You mean you personally know this? U2U me to continue the convo....

William,




Apparently he misunderstood the nature of my question. Attacking a computer network will be
...

Ohhh ... ok, I see where you were going with it now.... Still, attacking one site, won't bring down an entire network, and even at that, you can find the owner of the site's IP addy and DoS his a** so he's unable to use his b0x online .... Monitor the site, see who connect's to it, DoS then as well. No need to attack an entire network at all....



posted on Feb, 9 2003 @ 02:45 PM
link   

Originally posted by e-nonymous
First, there was no need to ban MT69.


It's not open for discussion.



posted on Feb, 3 2004 @ 11:27 AM
link   
This will most likely be the next front for attacks against nations in our future. Computers and the internet (as a digital world) are transforming peoples lives to the point where we all become computer literate.

As a weapon, the internet, I believe is very powerful in terms of its ability to be harnessed by those with the knowledge of its language.

Not only that, digital-cyber war is the front for propagandist/information warfare as well, as it has an ability to spread views against governments, and reveal truths quickly to large amounts of people.


If the internet ever gets shut-down or drastically altered, it'll be like going back to cave-man status.



new topics

top topics



 
0
<<   2 >>

log in

join