[iwar] [fc:Cyberspies.and.saboteurs:.Hackers.on.the.payroll.of.U.S..security.agencies]

From: Fred Cohen (fc@all.net)
Date: 2001-10-07 22:41:18



Cyberspies and saboteurs: Hackers on the payroll of U.S. security agencies

ALEX ROSLIN Montreal Gazette
http://www.canada.com/montreal/montrealgazette/
 
Saturday, October 06, 2001

As U.S.  Defence Secretary Donald Rumsfeld unleashes a "shadow war" of
covert special-forces operations against terrorist Osama bin Laden, he
is sending into action many high-tech warriors who have neither guns nor
grenades, and whose combat missions won't take them anywhere near
Afghanistan. 

Their brand of fighting goes by the innocent-sounding term of "computer
network exploitation." Most people would simply call them computer
hackers. 

But unlike rebellious teenagers sitting at their bedroom computers,
these hackers work for intelligence agencies and have advanced training
in computer science, math and cryptology. 

No government agency in Canada or the U.S.  has acknowledged that it
employs hackers to break into computers.  That information is secret
because the targets of "computer exploitation" are not just terrorists
like bin Laden and hostile states.  The targets can just as easily be
citizens at home, trade negotiators and diplomats from friendly
countries, or foreign businessmen bidding against a domestic company. 

In this exclusive Gazette report, some of North America's top
intelligence, military and computer experts talk about how government
hackers are transforming the Internet into a tool for spying and
warfare.  They say U.S.  spy agencies, and very likely Canadian ones
too, have been hacking into computers for years. 

Right now, they say, hacking plays an important role in President George
W.  Bush's war against bin Laden and his supporters. 

While this tool is limited by the fact that there are few computers in
Afghanistan, where bin Laden is said to be hiding, it may prove critical
in tracking down his bank accounts and business fronts around the world,
said intelligence expert Jon Concheff, who spent 21 years in the U.S. 
Special Forces. 

Hacking, he said, "is a logical and critical adjunct to the revivified
campaign against terrorism."

Canada's military says it wants to engage in hacking, too.  In June, one
of Canada's top commanders in "computer operations," Colonel Randy
Alward, announced that the Canadian Forces want to include hacking in
their military arsenal.  Under the policy, military hackers would be
trained to disable communication systems, destroy electronic information
and plant destructive computer viruses. 

But experts caution that hacking is a dangerous and unpredictable new
tool. 

"I think this is perilous.  I'm more worried about what states are doing
than Mafiaboy," said Ron Deibert, a University of Toronto professor who
studies the Internet and has been an external examiner on computer
warfare at the Canadian Forces College in Toronto.  (Mafiaboy is a
Montreal teenager who pleaded guilty this year to hacking into U.S.  Web
sites.)

"When we talk about information warfare, people don't see it applies to
them," said Robert Garigue, a retired Canadian Forces
lieutenant-commander, now the Bank of Montreal's vice-president
(information security).  "But it does.  We've created this social space
(on the Internet), and conflict is moving into it.  Every decision you
make is mediated by computer.  In that sense, the computer layer becomes
very powerful when you can manipulate it."

- - -

Computer spying couldn't have been born in a prettier place.  Nestled
into the side of Colorado's majestic 4,300-metre-high Pikes Peak,
Schriever Air Force Base lies where the rolling plains meet the eastern
wall of the Rockies. 

The facility controls all of the U.S.  Defence Department's classified
satellites, and is home to President George W.  Bush's National Missile
Defence project. 

In July 1994, the base saw a history-making demonstration by Kevin
Ziese, a computer scientist in the newly created U.S.  Air Force
Information Warfare Centre.  The top brass was out in force as Ziese
showed how to hack into a computer system. 

He refused to say what he broke into ("I don't feel comfortable going
into details"), but it is clear the exercise impressed the generals. 
"Once you see a demonstration of how to break into a computer system, it
doesn't take a rocket scientist to realize it has an offensive
capability," he said. 

Shortly after, the U.S.  military created its first organized
information warfare program to train super-hackers.  One of their jobs
would be computer exploitation, stealing sensitive information and
leaving enough secret back doors so they can sneak back into a computer. 

Ziese refused to provide details of U.S.  hacking operations, but
likened them to clandestine special-forces missions now employed in
Afghanistan.  "I would draw an analogy between computer exploitation and
special-forces exploitation.  There are clearly cases where (sending in)
the special forces makes good sense, but they would be relatively few. 
This would be equally true for computer exploitation," he said. 

"Their job is to dig up what's in computers (of groups) that hold views
that may be harmful to the U.S.," said Hal Gershanoff, editor of the
Journal of Electronic Defense, a Norwood, Mass.-based monthly published
by the Association of Old Crows, a group of experts in computer warfare. 

In bin Laden's case, U.S.  government hackers don't have many targets in
Afghanistan, but they could break into computers of his businesses,
wealthy associates and followers elsewhere, said Winn Schwartau, an
information-warfare expert who advises the U.S.  Defence Department.  As
well, they could target banks that haven't agreed to collaborate with
the U.S.  by freezing terrorist-linked accounts. 

"It would be really stupid of us not to do a computer network attack
into their systems," he said. 

Government hackers can also have a more destructive mission - attacking
or manipulating sensitive computer networks.  This quickly becomes
computer warfare - what the media sometimes calls cyber-warfare.  Most
experts are loath to discuss such operations, but they said hackers can
bring a country to its knees and cause as much damage as nuclear weapons
- shutting down power grids, air-traffic control, emergency services and
telecommunications. 

Ironically, this means hacking is a double-edged sword for countries
like Canada and the U.S., which are far more vulnerable to being
attacked themselves than low-tech opponents like bin Laden. 

- - -

The U.S.  Special Forces soldiers sent into Afghanistan to hunt down bin
Laden are packing more than rifles and survival gear.  They went armed
with high-tech communications links that would feed them the latest
intelligence from the U.S.  National Security Agency.  The NSA is so
secret that its existence wasn't even acknowledged until the 1970s. 
It's thought to have a budget of over $11 billion a year and to employ
more people than the CIA and FBI combined. 

The NSA's job - like that of its Canadian sister agency, the
Communications Security Establishment - is to collect signals
intelligence (SIGINT in spy lingo) by filtering through rivers of local
and international phone calls, faxes, satellite transmissions and
E-mail. 

Their role was defined by the digital age.  Now, instead of passively
waiting around to catch messages in the sky - known as midpoint
collection - they could reach through the airwaves right into a computer
- endpoint collection.  Some dub it HACKINT.  Intelligence historian
James Bamford calls it "the most profound change in the history of
signals intelligence."

"Throughout most of its history, the NSA has been considered as a
support organization to war fighters.  But what the NSA is saying now is
they won't play the support role.  They will play an active role," said
Bamford, author of Body of Secrets: Anatomy of the Ultra-Secret National
Security Agency. 

"They will be on the front line in taking offensive actions."

Bamford said much of the NSA's "endpoint collection" is being done
through a hyper-secretive agency called the Special Collection Service,
based in Beltsville, Md. 

The service was set up in the late 1970s to combine the physical
penetration skills of the CIA with the technical expertise of the NSA,
and is jointly run by both agencies, said Washington, D.C., intelligence
analyst John Pike.  "It's the black-bag, breaking-and-entering, Mission
Impossible-type agency."

The only inside account of this agency comes from a Canadian, Mike
Frost, a retired veteran of the Communications Security Establishment. 
In his 1994 book Spyworld, Frost said the mysterious U.S.  service,
known to insiders as College Park, specializes in secret missions from
U.S.  embassies abroad. 

- - -

Experts say U.S.  spies have secretly engaged in HACKINT for years with
little public debate.  Ironically, its biggest critics are military
strategists. 

"There is a big question (in government circles) as to how far it should
go," said Roger Molander, a former member of the U.S.  National Security
Council, now a computer-warfare expert at the RAND Corp., a think-tank
close to the Pentagon and U.S.  intelligence agencies.  A major concern
is that government hacking blurs the lines between peace and war, he
said.  "If you get caught mapping out the critical infrastructure of an
important power grid in an escalating crisis, people might view it as an
act of war."

Daniel Kuehl, a professor specializing in computer warfare at the
Pentagon's National Defence University, agreed.  "State vs.  state
espionage is an accepted part of statecraft.  But what if I insert a
program in an air-defence system? What line have I just crossed? Nobody
knows.  Have we gone to war? None of the old measures apply here.  This
environment has all kinds of borders we don't understand yet."

Another big unknown is the spin-off of government hacking.  An attack on
one country or terrorist group could bring down computers in other parts
of the world, like a computer virus spinning out of control.  "After one
(computer warfare) exercise, we reacted, 'Oh my God, how many systems
did we take out?' " said Robert Garigue, the former Canadian Forces
lieutenant-commander.  "It's a very difficult weapon to use.  It's not
as simple as the Americans make it out to be.  Have you any
understanding of what the cascading effects are? It is a naive belief to
think we can partition this off so we won't be affected."

Tiit Romet, a scientist formerly employed by Canada's Department of
National Defence who helped develop military information-operations
strategy, painted a worrisome scenario.  "We could show the
vulnerabilities of the power grid of country X.  If we get into a
conflict - say we want to disrupt the power network in some cities,
maybe black out hospitals - that's where the ethical questions come in. 
What happens if kids get killed?"

Another problem is that hackers have to conceal their identity by
invading neutral machines - like those of a university - and launch an
attack through them.  This raises the prospect of spies indiscriminately
breaking into civilian machines and turning them into unwitting hacking
devices. 

"It's one thing if you're the CIA and you bribe someone to give you
information.  It's another thing if you are actually invading common
(Internet) carriers to do it.  The end result is the same, but you have
to penetrate an awful lot of systems that are commonly used," said James
Bamford, the intelligence historian.  "The question gets raised, 'Where
will they do it next? What restrictions are there?' "

Just as troubling, say experts, is the lack of public scrutiny and legal
restrictions.  "The people doing it don't like to admit they are doing
it.  I don't think there has been any (Congressional) oversight at all,"
said Peter G.  Neumann, an eminent Silicon Valley computer scientist and
privacy expert who has testified to Congress on computer security. 
"It's a very delicate business.  You're on the tip of the iceberg here."


------------------
http://all.net/ 




This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:54 PST