EmergencyNet News Special Report
03/08/99 - 08:30CST
Pentagon Computers Under Attack??
By: C. L. Staten, ERRI Sr. National Security Analyst
Increasingly, national security experts are coming to a conclusion that America's
essential computer networks are under a sustained "cracker attack" from a
variety of sources, officials say. The most recent revelations concern a reported attempt
by hackers, allegedly based in Russia, to access sensitive U.S. Defense Department
computers. While some computer security experts say that they believe that these most
recent intrusion attempts are only the work of "teen-age wannabes," others say
that the pattern and means of attack could suggest something more serious.
U.S. Deputy Defense Secretary John Hamre says of the latest attacks, "It is a major
concern." "There are literally hundreds of attempts weekly to break into the DoD
computers," an unidentified Pentagon spokesman told the New York Times. U.S. Rep.
Curt Weldon told ABC News yesterday that the hacking effort "could be a coordinated
attack" on Pentagon computers, aimed at acquiring classified U.S. defense data.
The most notable example of "crackers" using a new method of attack reportedly
occurred in January, when a military computer server near San Antonio, TX was probed for
two days from foreign Web sites. Although many of the details of the attacks are
restricted, it is thought that the attackers are using multiple low-level probes in an
attempt to "over-load" security systems and allow access to important root level
directories. There are reportedly any number of ways that crackers can infiltrate business
and government systems, including password guessers and crackers; software "back
doors" left by programmers; "sniffers" that allow interlopers to read
passwords as they are being transmitted; and "spoofing," or masquerading as
another (authorized) user.
According to military sources, these latest attacks have been routed through servers in at
least one other country, and this may be an attempt at misdirection on the part of the
crackers. "There's something going on ...There is a pattern of attacks," a
Pentagon spokesperson said. "Part of the problem is tracking down and finding what is
the real source."
The Pentagon has been the target of a number of significant cracker attacks over the past two
years, especially during the massive buildup of U.S. forces in the Persian Gulf a year
ago. In fact, during last December's bombing of Iraq, security officials at the U.S.
Transportation Command reported several incidents of individuals probing the DOD Global
Transportation Network -- incidents that may have been of Middle Eastern origin.
In mid-1998, EmergencyNet News, analysts from the Emergency Response & Research
Institute (ERRI), and other independent observers reported that organized "cracker
classes" were being taught in Pakistan, sponsored by religious zealots who
might wish America harm. Although unconfirmed by any official sources, it is thought that
the Pakistani classes may have produced a limited number of "more sophisticated
crackers" with a religious motivation for their attacks. Some have even gone so far
as to tie this group of alleged "Islamist Crackers" to radical groups in England
and Afghanistan.
Winn Schwartau, noted author, lecturer, and long-time electronic civil defense advocate,
commented about the problem, "It still astounds me.... that 8 years after I appeared
before Congress warning them about exactly what is happening today, people are still
doubtful. I coined the term 'Electronic Pearl Harbor' to visually convey a devastating
effect upon American life if things really got out of hand, and while it has not yet
reached that stage, it is much closer than ever before."
"I guess Y2K may give us a feel for it since we chose to ignore that, too. Many of
the previous nay-sayers, and those who openly accused me of Chick-Little-ism now
understand that we were right back then -- just a bit too far ahead of our time,
perhaps," he continued. "The time for slow, government action and response is
past...Now, we have to commence on the equivalent of a Defensive Electronic Manhattan
Project to protect this country...the small handful of dollars that President Clinton
offered is ashamedly minuscule," he added. "If those in power do not take
action, I think the term criminally negligent will be spouted by lawyers for
decades," Schwartau concluded.
Some other experts disagree with the concept that terrorist groups have the capability to
carry out coordinated attacks on America's computer infrastructure. "As of right now,
there is no terrorist organization that we know of with the necessary skills," said
William Church, managing director of the San Francisco-based Centre for Infrastructural
Warfare Studies (CIWARS).
Church's group advises governments in Latin America, Asia, and Europe on threats and
vulnerabilities in national infrastructures, and publishes the biweekly Journal of
Infrastructural Warfare. Most terrorist organizations still lack members with the relevant
background, Church said. This has slowed the spread of terrorist-sponsored cracking
attacks, and will likely continue to be a barrier.
Information weapons have other drawbacks, Church added. Cyberattacks on a national power
grid or communications infrastructure can be crippling in theory, but the weapons have yet
to be proven. A physical attack like the recent bombings of U.S. embassies in Kenya and
Tanzania still provides a more predictable visceral impact. "Most of the terrorist
threats still use physical weapons," Church said. "When you're a terrorist and
you get one shot at something, you want to make sure it works."
Church said he doubts the veracity of recent allegations that the recent "hacks"
on DoD computers came from Russia. He told EmergencyNet News, "The mention of Russia
as the source of attack played into old Cold War thinking and demonstrates the inability
of the United States to do the proper threat analysis for this type of intelligence. In
fact, the Russian government has been pushing for an IO weapons use treaty and this action
is supported by many other nations other than the United States."
George Smith, the editor of "The Crypt Newsletter," also remains skeptical. In an
article in the Fall 1998 issue of "Issues in Science and Technology," entitled
"An Electronic Pearl Harbor? Not Likely," Smith says, "Although the media
are full of scary-sounding stories about violated military Web sites and broken security
on public and corporate networks, the menacing scenarios have remained just that -- only
scenarios... Information warfare may be, for many, the hip topic of the moment, but a
factually solid knowledge of it remains elusive."
While the controversy rages about whether or not this "Cyberwar" actually
exists, the U.S. defense and law-enforcement community is said to be in the process of
preparing for Net-based attacks. A newly created Critical Infrastructure Assurance Office
is responsible for coordinating U.S. agency responses. The FBI is putting together its own
National Infrastructure Protection Center, which will respond to individual attacks. The
FBI and some computer industry insiders have pointed out that much of America's critical
military and business communication traffic travels on civilian backbones, thus requiring
both civilian and government cooperation to thwart would-be malicious crackers.
Michael Vatis, director of the National Infrastructure Protection Center (NIPC) at FBI
headquarters in Washington, D.C., told the Reuters news service, "Only by sharing
information about incidents and threats and exploited vulnerabilities can we begin to stem
the rising tide of illegal activity on networks and protect our nation's critical
infrastructure from destructive cyber attacks."
(C) Copyright-EmergencyNet News Service, 1999. All rights reserved. Republication or
redistribution without permission is prohibited.