The next world war could be waged on the Net.At least that's what security pundits are saying, following President Clinton's request for $2.8 billion of the budget to go toward fighting "exotic forms of terrorism," from chemical warfare to online attacks.
Combating these menaces will "dominate national defense in the next century," Clinton said Wednesday. The requested expenditures would include hiring "computer experts who could respond quickly to electronic terrorist attacks," said Clinton.
Picture this scenario: North Korea hires 35 hackers to crack U.S. defense systems with commercially available equipment and software downloaded from the Internet. Their mission: to prevent the U.S. Air Force from flying over Korea.
Without actually breaking any countries' laws, the 35 tricksters work their way into the power grids and 911 emergency phone lines in 12 U.S. cities, and shut them down. With a similar degree of ease, the nefarious hackers then gain control of 36 computers at the Pentagon. All of this happens within four days. And army and navy generals are unable to tell that the ludicrous commands they are receiving from the warped systems are bogus.
The Pentagon recently ran a simulation of this hypothetical event, an exercise it called the Cyber Receiver, to illustrate the threat to national security. Now security activists are pointing to such examples in the wake of Clinton's commitment to fighting cyber warfare.
"We as consumers are all vulnerable to such attacks," insists James Adams, CEO of iDefense and author of The Next World War: Computers Are the Weapons and the Front Line Is Everywhere A Study Of Information Warfare, along with 11 other treatises on such topics. Adams recently founded Infrastructure Defense, or iDefense, whose mission is to "defend the critical infrastructure from cyberspace threats."
Adams' organization is effectively a consultancy looking to cash in on a heightened level of security hysteria. Not content to use the word "hacking" to describe security breaches, Adams sounds the alarm bell with cries of "cyber terrorism." These acts can include one nation attacking another in a time of war, economic espionage, criminal theft or blackmail, or your more traditional hacking by disenchanted employees and geeks with nothing better to do on a Saturday night, according to Adams.
Alas, there is no security system strong enough to battle all of these fiends, but iDefense says it will help businesses find the right security solutions. The firm plans to build up "red teams" squads of superhackers who will test the strength of systems that purport to be secure. This will be part of a certification methodology that iDefense will use to evaluate and guarantee the safety of company infrastructures and Web sites.
Microsoft (MSFT) has joined as a "charter member" of the organization, helping iDefense hatch its plans. IDefense is also trying to solicit Fortune 500 companies to join, at $1 million a pop, says Adams.
Companies may be willing to fork over the cash to protect themselves. "We believe it's important to protect our national security. Most of the security protecting the public is owned by the private sector," says Adam Stone, a VP at Microsoft. "We have a lot of products in installations that are required to be secure: in law enforcement, the legal profession and national security. All of the big wars in this country never happened here, but with pervasive computing, it could happen here. Let's prevent it."