[iwar] FW: (ai) The Information Time Bomb (fwd)


From: Fred Cohen
From: fc@all.net
To: iwar@egroups.com

Mon, 8 May 2000 15:41:07 -0700 (PDT)



By John T. Correll, Editor in Chief

A new kind of warfare is coming. We are not prepared to meet it.

The Information Time Bomb

The warnings keep on coming. In February, hackers launched a "distributed
denial of service" attack against the nation's largest commercial Web sites,
shutting off access to Amazon.com, eBay, Yahoo, E-Trade, and a number of
others. For most of us, it was no more than a passing annoyance. Disruption
of the Internet occurs often.

Even so, it is generally recognized that everything from the economy to
continuity of the government depends increasingly on a starkly vulnerable
electronic infrastructure.

The Department of Defense reports a rise in "cyber events" on its computer
networks. It detects 80 to 100 attacks a day, of which about 10 are serious
enough to get "detailed investigation."

Occasionally, an incident brings us up short. In January, the computers at
the National Security Agency crashed suddenly and were down for three days.
It was an internal glitch in the system, but at the time, NSA thought it
might be under attack.

Call it another warning.

Contrary to the popular stereotype, not all hackers are teenagers or
domestic malcontents. At least a dozen countries, perhaps twice that many,
have information warfare programs directed at the United States.

Last year, angry about the NATO bombing of their embassy in Belgrade, the
Chinese launched computer attacks on US government Web sites, including the
White House site. In so doing, they blew the cover on clandestine "back
doors" they had planted in US computer networks.

Nobody knows how deeply foreign powers have burrowed into critical US
networks, siphoning off information or awaiting the time to strike. A nation
with hostile intentions can do more than knock down Web sites.

It has been four years since Sen. Sam Nunn speculated about "an electronic
Pearl Harbor." The phrase is repeated often, but we have not made much
progress. A new kind of warfare is coming, and we are not prepared to meet
it.

At an "anti-hacking summit" in February, the White House said the federal
government would become a role model for computer security. At the moment,
it has a ways to go.

A survey by the General Accounting Office finds computer security lax at
most federal agencies. GAO penetrated mission-critical systems at NASA and
said that "we could have disrupted ongoing command and control operations
and modified or destroyed system software and data." At the Defense
Department, the survey said, "pervasive weaknesses" offer abundant chances
to modify, steal, disclose, or destroy data.

The problem does not suffer from lack of discussion. The White House has
issued a "National Plan for Information Systems Protection," complete with
numbered "milestones" and target dates. Congressional committees are holding
hearings and drafting legislation. Industry has set up all sorts of councils
and centers to promote computer security.

For all of the talk, there is little real coordination. The FBI has the lead
for the federal government--to the extent that anybody does--but a law
enforcement approach is not well-suited to either corporate or military
requirements.

Security consultant Mark Rasch told The Washington Post that a successful
case for the FBI means catching the perpetrator and holding a public trial.
For business, success is thwarting the attacker so that he goes away and no
one ever hears about it. The corporate world shows no enthusiasm for any
government solution.

The Department of Defense has assigned the computer network defense and
attack missions to US Space Command, but the armed forces have no charter to
protect any computer systems except their own.

The Pentagon general counsel says that international law is unclear about
when a computer network attack might constitute an "armed attack" or
aggression against our national sovereignty. Our concept of operation is
still in the definition phase.

The White House plan, which leans toward optimism, predicts that "our best
efforts to identify and fix vulnerabilities will slow, but not stop,
malicious intrusions into information systems."

By 2003, the plan says, federal networks should be able to recognize when an
attack is in progress, spread the alarm, isolate the nodes that are under
attack, and divert operations to alternate emergency systems. Meanwhile,
"law enforcement and other agencies would be attempting to locate the origin
of the attacks and take appropriate measures to terminate them," whatever
that means.

That approach is geared to an attack on the Internet by hackers and
criminals. A military attack on the national infrastructure would call for
stronger measures, including more weight on the offense.

Part of the requirement is the development of new capabilities that do not
now exist, but that may be the easy part. With investment and determination,
the technology will come. The more difficult parts are organization and
strategy.

Our military, civil, and commercial infrastructures are too interdependent
to treat separately. Defending them will require integration of effort by
defense, law enforcement, intelligence, and private participants on a scale
not previously attempted, or even contemplated.

We must reach a firm decision that we will regard an attack on our national
information infrastructures as an act of war. It must be totally clear that
we will respond as surely and swiftly as we would to an invasion of our
borders or to an attack on our forces.

Ambiguity is inherent in this new form of war, but that must not suggest to
our adversaries that they might get a free shot.


------------------
http://all.net/