[iwar] The "Love Bug Virus Attacks," Asymmetric Warfare...
From: Saso
From: saso@vsecureit.net
To: iwar@egroups.com
Tue, 11 Jul 2000 11:10:01 +1000
fc Mon Jul 10 18:10:18 2000
Received: from 207.222.214.225
by localhost with POP3 (fetchmail-5.1.0)
for fc@localhost (single-drop); Mon, 10 Jul 2000 18:10:18 -0700 (PDT)
Received: by multi33.netcomi.com for fc
(with Netcom Interactive pop3d (v1.21.1 1998/05/07) Tue Jul 11 01:10:11 2000)
X-From_: sentto-279987-446-963277805-fc=all.net@returns.onelist.com Mon Jul 10 20:10:00 2000
Received: from hm.egroups.com (hm.egroups.com [208.50.99.198]) by multi33.netcomi.com (8.8.5/8.7.4) with SMTP id UAA16187 for ; Mon, 10 Jul 2000 20:10:00 -0500
X-eGroups-Return: sentto-279987-446-963277805-fc=all.net@returns.onelist.com
Received: from [10.1.10.37] by hm.egroups.com with NNFMP; 11 Jul 2000 01:10:04 -0000
Received: (qmail 1078 invoked from network); 11 Jul 2000 01:10:04 -0000
Received: from unknown (10.1.10.142) by m3.onelist.org with QMQP; 11 Jul 2000 01:10:04 -0000
Received: from unknown (HELO haven.siol.net) (193.189.161.24) by mta1 with SMTP; 11 Jul 2000 01:10:03 -0000
Received: from haven.siol.net (localhost [127.0.0.1]) by haven.siol.net (Postfix) with ESMTP id BFB8D11728 for ; Tue, 11 Jul 2000 11:10:01 +1000 (EST)
To: iwar@egroups.com
Message-Id: <20000711011001.BFB8D11728@haven.siol.net>
From: Saso
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe:
Date: Tue, 11 Jul 2000 11:10:01 +1000
Reply-To: iwar@egroups.com
Subject: [iwar] The "Love Bug Virus Attacks," Asymmetric Warfare...
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
------- Forwarded Message
Date: Mon, 10 Jul 2000 17:02:36 -0500
From: InfoSec News
Subject: [ISN] The "Love Bug Virus Attacks," Asymmetric Warfare...
To: ISN@SECURITYFOCUS.COM
Forwarded By: C. L. Staten
From: ERRI DAILY INTELLIGENCE REPORT-ERRI Risk Assessment Services
Monday, July 10, 2000
Vol. 6, No. 192
The "Love Bug Virus Attacks," Asymmetric Warfare; Future National
Security Implications...
by C. L. Staten, CEO and Sr. Analyst
Emergency Response & Research Institute (ERRI)
"Only civil virtue can bring peace to an empire; only martial virtue
can quell disorder in the land. The expert in using the military has
three basic strategies that he applies: the best strategy is to attack
the enemies reliance on acuteness of mind; the second is to attack the
enemies claim that he is waging a just war; and the the last is to
attack the enemies battle positions." -- Sun-Tzu, The Art of Warfare
(1)
Has anyone noticed that the only thing that spread more rapidly than
the so-called "Love Bug Virus" was the proliferation of commentary
about it. In fact, the talk dominated many forums for several days
after the virus was first discovered. Given this level of interest
that was demonstrated and the estimated BILLIONS of dollars of damage
that was been done by this virus...one has to wonder what the
intelligence and defense community of the United States is doing about
taking a pro-active stance to protect our vital infrastructures??
Although costly to corporate America, it would appear that we as a
country, have again "dodged the bullet" of major damage to our
military and intelligence C4I networks. That may be due to the fact
that most of the known attacks so far have targeted commercial,
business or other internet-related organizations. But, the attacks
that have taken place so far beg a question that must be asked at this
juncture: What is going to happen when a concerted effort is
undertaken by experts to use denial of service attacks (2), in concert
with viruses, root-cracking, and other computer-based infrastructure
attacks to attack the defense/intelligence establishment of our
country and her security alliances throughout the world??
We see each of these recent sets of attacks as a potential "test of
effectiveness" trial. As previously discussed by this author and a
number of our other esteemed colleagues (Wilson and Fuller, Denning,
Forno, Schwartau, Toffler, etc.)(3)(4)(5)(6) one has to wonder when we
are going to take these examples of 4th Generation/Asymmetric warfare
seriously enough to make them a formal and more integral part of our
future defense preparedness and planning. Each wave of these attacks
continues to demonstrate a new and more evolved capability on the part
of our adversaries.
Given a natural evolution of these tactics and the stated intent of
some our transnational enemies, We must suggest that serious
consideration be given at the highest levels of the U.S. and allied
governments to the possibility that these tactics may be COMBINED with
the use of a series of conventional terrorist attacks -- or worse yet
- -- unconventional weapons (WMD's), to cause a vastly disproportionate
effect on the both the economy of the USA and the overall psyche' of
the world.(3) In light of these circumstances, it would appear that we
may be quickly coming to a critical juncture in the way we respond to
these threats and ultimately defend our country.
Stock-market watchers might suggest that some of these
electronic/unconventional tactics have already had a preliminary
intended effect on our economy, shown by a recent decline in world
stock markets. The insurgents are spreading mistrust/a lack of
confidence in the technology sector...the very place where the U.S.
economy has show the greatest increases in productivity and where a
majority of our advantages in international business and military
superiority have been shown in recent years. The economic capabilities
of many nation-states, including the United States, are increasingly
becoming a "center of gravity" that will be attacked by various kinds
of insurgent forces.
According to classic Clausewitzian theory, "a center of gravity is
always found where the mass is concentrated most densely... Clausewitz
argued that this is the place where the blows must be aimed and where
the decision should be reached. He failed to develop the idea of
generating many non-cooperative centers of gravity by striking at
those vulnerable yet critical tendons, connections, and activities
that permit a larger center of gravity to exist."(6)
Strategist and military thinker, Col. John R. Boyd, contradicts
Clausewitz by suggesting that the tactics of the future may: "Generate
many non-cooperative centers of gravity, as well as disorient or
disrupt those that the adversary depends upon, in order to magnify
friction, shatter cohesion, produce paralysis, and bring about his
collapse; or equivalently, uncover, create, and exploit many
vulnerabilities and weaknesses, hence many opportunities, to pull
adversary apart and isolate remnants for mop-up or absorption."(6)
"Perpetrated by mercenaries, ideological or religious zealots-- it
doesn't matter which -- corporations and business networks will
undoubtedly become future targets of terrorism. More enlightened
terrorists have discovered (maybe already in some countries), or will
discover soon, that the path to the fear and chaos that they crave
most may be more easily achieved by a wide-scale attack on
infrastructure/economic targets, thus causing a general breakdown in
society..."(7)
Particularly in those fractionalized nation-states that are already
less stable or suffering the pangs of religious and political
separatist movements, the targeting of economic targets may prove
extremely successful in orchestrating the eventual overthrow of the
established government.
The Current "Anti-Capitalist Movement" and Similarities to "Classic"
Guerilla Warfare Activities
Most informed observors have not, so far, drawn any linkage between
recent civil disturbances in several countries, sporadic terrorist
acts, and an increasing number of various kinds of attacks on computer
systems...all of which may be associated with an increasing
re-emergence of what this author calls the "old left." Yet, there are
many parallels that can be drawn with regard to strategies and tactics
being used in recent events and those described by Mao Tse-Tung in his
classic work, "Mao Tse-Tung on Guerilla Warfare."(8)
Griffith succinctly describes a number of Maoist tactics that may have
been adapted and are being used by "anti-capitalist," Muslim
extremist, FARC guerillas in Colombia, and any other number of
separatists movments; "The [the guerillas] rely on imaginative
leadership, distraction, surprise, and mobility to create a victorious
situation before the battle is joined. The enemy is decieved and again
decieved. Attacks are sudden, sharp, vicious, and of short duration.
Many are harrassing in nature; others are designed to dislocate the
enemy's plans and to agitate and and confuse his commanders. The mind
of the enemy and the will of his leaders is a target of far more
importance than the bodies of his troops."(9)
In other words, according to Griffith, "The enemy's rear is the
guerilla's front...they [the guerillas] themselves have no rear." With
our increasing reliance on technology for our success, America's
computer infrastructure must presently be considered one of the most
essential parts of "our rear."
Clearly socialist, communist, or even anarchist in viewpoint, much of
the rhetoric contained within many recent hard-core "anti-capitalist"
statements would seem to advocate the future use of violence if
non-violent measures and actions do not accomplish their
self-determined objectives. One must wonder how long it will be before
the more radical of the "anti-capitalists" decide that the use of
explosives or other weapons is the next logical step in their protest
of international trade.
China, Unrestricted Warfare, and Multi-Dimensional Conflict
One of the more troubling documents that this author has had occasion
to read in recent times is a book by two Chinese People's Liberation
Army (PLA) colonels. The book is entitled "Unrestricted War." (10) In
it, are plans to utilize various kinds of unconventional warfare
methods to defeat superior enemy (the unnamed United States). Included
would be the use of "conventional" terrorism, the use of chemical,
biological, and nuclear weapons, and attacks on critical computer
infrastructure targets. By combining these various unconventional
tactics, "Unrestricted War" hypothesizes that the attcker can have a
advantageous disproportionate effect, even on a militarily superior
enemy.
Admittedly, it is unlikely that attacks on America's computer
infrastructure will cause the kind of massive numbers of dead and
wounded citizens that we would normally attribute to either
conventional terrorism or open warfare. While it is possible that the
right kind of cyber-attack, undertaken in the right way, and attacking
the right nodes of our critical systems could result in injuries or
deathes, it is far more probable that these attacks will be used as a
"force multiplyer" and undertaken in concert with the use of other
types of more conventional weapons. In fact that is exactly what Liang
and Xiangsui suggest in their work described above (11).
Maybe as problematic as the fact that Chinese strategists appear to be
exploring plans to defeat a superpower like the United States, is the
fact that the concepts outlined by the two Chinese colonels could
almost immediately be undertaken by any number of "rogue states,"
"non-state actors," or terrorist organizations.
Conclusion
"This revolution [in Information or Assymetric Warfare] also requires
the political and military leadership to understand the purpose and
consequences of war and the risks that attach to any military action.
On recent evidence, none of these attributes are present to any
degree, and across the world a risk-averse approach to warfare in all
its forms has seeped into the corridors of power. That in turn will
lead to an increasing dependence on IW (Information Warfare) as the
perfect solution for fighting wars with no risk of casualties and at
relatively low financial cost. But, that is to seek the very silver
bullet that does not exist. As David proved to Goliath, strength can
be beaten. America today looks uncomfortably like Goliath, arrogant in
its power, armed to the teeth, and ignorant of its weakness." (12)
References:
(1) "Sun-tzu, The Art of War," Translated by Sawyer, R. D., Published
by Barnes and Noble Books/Westview Press, 1994
(2) "Series of "Real-time" EmergencyNet News Reports Concerning Denial
of Service Attacks on Leading Web Sites on the Internet - 08 Feb 2000
to 16 Feb 2000", Staten. C. L. et al, EmergencyNet News, 2000.
Available on the internet at:
http://www.emergency.com/2000/dos2000.htm
(3)"Emerging, Devolving Threat of Terrorism," BY Fuller, F. and
Wilson, GI, ENN Daily Report - 11/30/96 - Vol. 2, No. 335. Available
on the Internet at: http://www.emergency.com/devlthrt.htm
(4) "Information Warfare and Security," Denning, D., Addison-Wesley,
1999. Errata. Available for purchase on the internet at:
http://cseng.awl.com/bookdetail.qry?ISBN=0-201-43303-6&ptype=0
(5) "Hidden Threats And Vulnerabilities To Information Systems At The
Dawn Of A New Centruy, Forno, R., EmergencyNet News; 11/22/98
Available on the internet at: http://www.emergency.com/techthrt.htm
(6) "War and Anti-War; Survival At the Dawn of the 21st Century,"
Toffler, A. and H., Published by Little Brown and Company, 1993,
Pg. 141
(6) "Historical Pattern: Carl Von Clausewitz'On War'- 1832; Patterns
of Conflict" Boyd, J.R., Available on the internet at:
http://www.belisarius.com/default.htm
(7) "Asymmetric Warfare, the Evolution and Devolution of Terrorism;
The Coming Challenge For Emergency and National Security Forces,"
Staten, C. L., ERRI, 04/27/98. Available on the internet at:
http://www.emergency.com/asymetrc.htm
(8) "Mao Tse-Tung on Guerilla Warfare," Translated and Introduction by
Brig. Gen. Samual B. Griffith, USMC, (Ret), Praeger Publishers, 1961
(9) ibid, "Mao Tse-Tung on Guerilla War," pg. 23
(10) "Unrestricted Warfare," Qiao Liang and Wang Xiangsui, Published
by PLA Literature and Publishing House, 1999.
(11) ibid
(12) "The Next World War; Computers are the Weapons and the Front Line
is Everywhere," Adams, J., Pg. 313, Published by Simon and Shuster,
1998
Emergency Response & Research Institute EmergencyNet News Service
6348 N. Milwaukee Ave. #312 Chicago, IL 60646, USA 773-631-3774 -
Voice/Messages 773-631-4703 - Facsimile webmaster@emergency.com -
E-Mail http://www.emergency.com - Main Webpage
- -
ISN is hosted by SecurityFocus.com
- ---
To unsubscribe email LISTSERV@SecurityFocus.com with a message body of
"SIGNOFF ISN".
------- End of Forwarded Message
------------------------------------------------------------------------
e-Business Quality Management- Your Site's Success Depends on It.
Register today for an eye opening experience.
http://click.egroups.com/1/5934/14/_/595019/_/963277805/
------------------------------------------------------------------------
------------------
http://all.net/