[iwar] article


From: Fred Cohen
To: Information Warfare Mailing List
From: fc@all.net
To: iwar@onelist.com

Mon, 25 Dec 2000 06:12:44 -0800 (PST)



[FC - This one starts out as a fantasy and keeps right on going through
the end...]

Information Warfare

The following is from

http://www.mitre.org/pubs/showcase/info_warfare2.html

It was a disaster that led to thousands of U.S.  and Coalition
casualties, fractured the alliance, and blunted the entire war effort. 
But the most damaging sneak attack since Pearl Harbor did not involve
warplanes or bombs -- it was the world's first full-scale information
attack. 

Adversary forces penetrated U.S.  computer networks; initially, they
moved slowly and unobtrusively, monitoring electronic mail, reading
files, and giving themselves wide access to sensitive information.  For
example, they read Air Tasking Orders -- the operational commands that
direct Air Force units which routes to fly and which targets to
bomb--even before the units themselves did. 

After extending their surveillance as far as possible, the adversary
forces began to act.  They intercepted or altered electronic mail, and
sent false messages that directed personnel and supplies to the wrong
bases.  They misdirected entire units to the wrong locations, sometimes
keeping them out of an area where they were urgently needed, sometimes
leading them into ambush or friendly fire zones.  In one of the
campaign's most damaging actions, they changed an Air Tasking Order and
directed an Air Force squadron to destroy several civilian targets. 

They captured and controlled several network hosts, halting electronic
communications and paralyzing the U.S.  command structure.  The viruses
they introduced attacked U.S.  databases, denying U.S.  commanders
access to vital information. 

To minimize further damage, systems administrators shut down all
electronic communications, further hampering operations.  Damage from
the electronic attack is still making its presence felt months after the
initial onslaught, and extended all the way to inside the
U.S.--adversary efforts caused a three-day shutdown of the stock and
financial markets, and disrupted the operations of banks and public
utilities throughout the nation. 

Hopefully, this is a worst case scenario.  It is based on a recent
exercise, and not on an actual conflict.  But it illustrates the
potential threat of information warfare, a threat that increases as our
dependence on computers, communications, and networks continues to grow. 
Protecting against this threat is a major activity for The MITRE
Corporation. 

"Information warfare is possibly the ultimate in stealth," observes John
Woodward, MITRE Director of Information Warfare.  "The victim may not
even realize an attack has taken place until it is far too late.  Such
an attack requires tremendous expertise just to recognize and identify,
and MITRE is probably the best single source of expertise on information
warfare in the U.S.," he continues.  "Our multi-disciplinary approach
covers almost every aspect of the problem, and we are currently
providing support to nearly every major organization throughout the
Department of Defense, intelligence community, and Federal Aviation
Administration."

MITRE efforts begin with a thorough analysis of the threat posed by
potential adversaries and the vulnerability of the targeted system. 
These efforts often involve MITRE staff forming adversary teams that
attempt to penetrate Government computer systems, and may involve
sophisticated simulations and modelling.  (The scenario presented at the
beginning of this article resulted from a MITRE team's penetration of
U.S.  Air Force systems at a recent command-and-control exercise.)

After assessing the threat and determining the vulnerability of the
system to be protected, MITRE staff develop an overall philosophy of
information security, and a policy to guide the implementation of
protective measures.  "Another key element is a risk management
approach," notes Woodward.  "Since it's virtually impossible to protect
against every threat--and since no government agency has a limitless
budget--the real question is what level of security is necessary and
affordable."


http://www.mitre.org/

------------------
http://all.net/