[iwar] The meaning of Elligible Receiver

From: Fred Cohen (fc@all.net)
Date: 2002-04-03 07:34:48
Next message: Fred Cohen: "[iwar] News article of possible interest"
Previous message: televr: "[iwar] Coordinating PR a problem for coalition"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <200204031534.g33FYm932710@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Precedence: bulk
Date: Wed, 3 Apr 2002 07:34:48 -0800 (PST)
Subject: [iwar] The meaning of Elligible Receiver
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

The meaning of Eligible Receiver.
=46rom the Crypt Newsletter (JOSEPH K) Guide To Tech Terminology:

Eligible Receiver: A Pentagon ghost story repeated ad nauseum to
journalist s and the easily frightened in which ludicrous or totally
unsubstantiated c laims about menaces from cyberspace are passed off as
astonishing deeds of techno-legerdemain performed by cybersoldiers
working within a highly class ified wargame. 

Usage: Author James Adams claimed in Techweek magazine that Pentagon
hacker s employed in Eligible Receiver "did more than the massed might
of Saddam H ussein's armies, than the Nazis in the Second World War."

--------------------------------------------------------------------------- -----

Since its first appearance in 1997, Eligible Receiver, like the phrase
"ele ctronic Pearl Harbor," has become a good watermark for
identification of un critical, unsophisticated journalism addressing the
potential for cyberterr orism to lay low the nation. 

Although never substantiated with solid proof by Pentagon leadership,
Eligi ble Receiver has become an article of faith in the mainstream
newsmedia and still appears quite regularly since its genesis almost
three years ago as prima facie evidence of what hackers could do to
plunge the empire into cha os. 

Characteristics of invocations of Eligible Receiver can include any or
all of the following: there were 20, or 25, or 35, or 50 hackers; the
hackers w ere from or hired by: [the Pentagon, the NSA, the Joint
Staff], the nationa l power grid was taken down, the 911 service was
taken down, troop movement s were disrupted, the hackers were more
powerful than Nazi armies in World War II, laptops were bought, laptops
were stolen, software was bought off-t he-shelf, software was obtained
from the Net, unspecified secret computer s ystems were compromised
and/or unspecified public computer systems were com promised. 

Here then, a selection of examples of Eligible Receiver in the news:

-------------

On October 9, 1999, the Los Angeles Times published a story on the
Pentagon 's Moonlight Maze hysteria entitled: "In Theory, Reality, US
Open to Cyber- Attack -- An NSA test exposed vulnerability of critical
computer systems to hackers; Outside assault proved it."

The piece continued the trend of inexplicably poor reporting on
Moonlight M aze by the Times and Bob Drogin. 

[NB: See for a specific media media analysis of the Moonlight Maze
fiasco.]

In paragraph seventeen, buried near the end of the Los Angeles Times
piece, Drogin writes: "Indeed, the evidence suggests a certain amount of
hype and hysteria have overshadowed the reality of cyberspace."

It was an inadvertently telling choice of words, for in just the story's
se cond paragraph -- one of the piece's impact points -- Drogin fell
prey to t he same phenomenon. 

Drogin invoked the Pentagon ghost story of Eligible Receiver -- the
secret DoD wargame conducted two years ago which proponents of
"electronic Pearl H arbor" insist demonstrated the nation could be
flattened by cyberattack. 

Drogin wrote: "The [Eligible Receiver] hackers broke into networks that
dir ect 911 emergency systems."

It was a clear and rather extravagant error. 

Appearing in June of 1998 to testify before Congress, Ellie Padgett,
deputy chief of the National Security Agency's office of defensive
information wa rfare spoke of how Eligible Receiver addressed the
alleged vulnerability of the 911 phone system. 

In a _simulated_ exercise, Padgett said, "we scripted (an) Internet
message (that) would be sent out to everybody saying there was a problem
with the 911 system, understanding that human nature would result in
people calling the 911 system to see if there was a problem."

The working idea in this part of Eligible Receiver revolved around the
hypo thesis that many people viewing the message on the Internet in a
newsgroup might panic and phone their local 911 trunk, causing a jam-up
on the line. 

"It can probably be done, this sort of an attack, by a handful of folks
wor king together .  .  ." Padgett said. 

This is an extremely far cry from Drogin's assertion that the 911 system
wa s broken into by alleged Eligible Receiver hackers.  In fact, it has
nothing at all to do with breaking into a 911 computer system, whatever
that might be. 

However, it is consistent, thematically, with the flavor of the
mythology p ropagated on Eligible Receiver and, now, Moonlight Maze. 

In fact, during an interview with Crypt Newsletter in the summer of 1998
co ncerning Eligible Receiver, a Pentagon spokeswoman for the affair
asserted "no actual switching systems" were broken into at any time
during Eligible Receiver.  She went on to say that Eligible Receiver had
only simulated thes e attacks on NSA computer networks set up to emulate
potential domestic nat ional systems. 

Nevertheless, Drogin also wrote in paragraph two of the Times piece: "In
le ss than three months, the [Eligible Receiver hackers] secretly
penetrated c omputers that control electrical grids in Los Angeles,
Washington, and othe r major cities."

The lead claims in the Los Angeles Times article are the framing points
for a larger discussion on how Moonlight Maze has publicly proved what
the Eli gible Receiver exercise secretly demonstrated two years ago,
which constitu tes another rather extensive leap in linking the facts
that are known about both. 

Drogin quoted from counter-terrorist "czar" Richard Clarke:

"An enemy could systematically disrupt banking, transportation,
utilities, finance, government functions and defense."

The Clarke quotes are functionally identical to the same statements made
fo r Signal magazine in August of this year when it was suggested that
the Fre edom of Information Act could be "modified" as part of a plan to
help prote ct us from cyberattack.  They add nothing to the actual body
of knowledge on Moonlight Maze. 

For the complete Clarke-uttered propaganda published in August see the
"ele ctronic Pearl Harbor" archive. 

"It's cheaper and easier than building a nuclear weapon," said Clarke
for t he LA Times. 

Buried in Drogin's piece was comment by John Gilligan who "directs
informat ion technology and information systems at the [Department of
Energy.]"

Gilligan, while talking about hacker attacks, "[also argued] that the
dange r is usually overstated," according to the Times. 

"To get access to the electricity grid computers, to start to shut some
of the grid, you have to really work at it .  .  .  To do a Pearl
Harbor, you nee d a lot of inside information."

-------------

The September 19, 1999, issue of New Scientist magazine invoked the
mythos as an example of what "cyberwar" could do in an article entitled:
"To the v irtual barricades."

"[Electronic Pearl Harbor" can be done -- as was demonstrated two years
ago when the US Department of Defense conducted a 'war game' to test its
defen ces against cyber attacks.  In an operation dubbed Eligible
Receiver, fifty hackers tried to infiltrate DoD systems using only the
simplest of hacking tools. 

"Their task was to simulate an attack from North Korea.  Despite the
best ef forts of the DoD, intelligence and security agencies, and the
private secto r .  .  .  the hackers reduced a virtual electricity grid
to 50 per cent effec tiveness in just seven days."

-------------

On June 26, 1999, the Christian Science Monitor featured a story
entitled: "The hidden dangers of information warfare."

The Monitor's reporter cited the Pentagon's secret exercise, Eligible
Recei ver, in the standard manner. 

". . . Operation Eligible Receiver demonstrated the potential
vulnerability of the U.S.  government's information systems.  The
National Security Agency hired 35 hackers to launch simulated attacks on
the national information s tructure.  The hackers obtained 'root access'
- the highest level of control - in 36 of the government's 40,000
networks. 

"If the exercise had been real, the attackers would have been able to
creat e power outages across Los Angeles, Chicago, Washington, and New
York.  They could have disrupted the Department of Defense's
communication systems (ta king out most of the Pacific Command) and
gained access to computer systems aboard U.S.  Navy vessels. 

"It was a disturbing exercise.  So much so, that several top White House
off icials have spoken of the possibility of an 'electronic Pearl
Harbor' attac k on the U.S.  mainland.  Added to these vulnerabilities
is the fact that mos t Americans have no sense of how information
warfare will affect them."

Further along, the Monitor called upon James Adams, appearing here as
CEO o f IDefense -- a firm that advertises its skill in preventing
potential "Eli gible Receivers," to provide the pro forma warnings. 

"It is a very serious problem," said Adams for the Monitor. 

-------------

>From the April 1999 issue of "Government Executive," a reporter writes
on t he danger of cyberterror to the national networks:

"The liability posed by such dependence became clear when the Pentagon
cond ucted an exercise known as Eligible Receiver in 1997.  Using
off-the-shelf t echnology and software downloaded from hacker Web sites,
a team of about 20 employees from the National Security Agency hacked
into unclassified Penta gon computer systems.  The surprise exercise,
designed to expose weaknesses in computer security, succeeded beyond the
planners' wildest expectations.  Among other things, the exercise showed
how hackers might disrupt troop dep loyments. 

"It was startling," [Deputy Defense Secretary] John Hamre said.  'We
didn't really let them take down the power system in the country, but we
made them prove that they knew how to do it.'"

-------------

=46rom an April 22, 1999, issue of "Inside the Army:"

"Two years after Eligible Receiver, a joint exercise conducted by DOD in
wh ich virtual 'terrorists' used stolen hardware from a government
facility to gain control over secret computer systems without being
detected, the mili tary finds itself 'in full-scale conflict,' [Deputy
Secretary of Defense] J ohn Hamre said.  Important lessons learned over
this period include 'that cy perspace ain't for geeks, it's for
warriors,' he said."

-------------

>From a March 22, 1999 report by Associated Press writer Laura Myers
entitle d "Study Finds Hacker Threat a Real Danger." Reporter Myers
appears to be o nly vaguely familiar with the Pentagon claim and gets a
figure wrong. 

This is hardly a liability for the mythos.  Even Pentagon proponents of
"Eli gible Receiver" can't seem to agree on the number of people
involved. 

Myers nevertheless passes on the growing legend as proof of national
danger:

"In 1997, a national security team of about 20 people, in a cyberwar
game [ Eligible Receiver] lasting three months, gained access to
unclassified Pent agon computers, giving the team the ability to disrupt
troops movements."

-------------

>From an interview on cyberterrorism conducted with Senator John Kyl by
the United States Information Agency (USIA), published in November 1998:

Kyl: Well, [cyberterrorism is] surprisingly easy.  It's hard to quantify
tha t in words, but there have been some exercises run recently.  One
that's bee n in the media, called Eligible Receiver, demonstrated in
real terms how vu lnerable the transportation grid, the electricity
grid, and others are to a n attack by, literally, hackers -- people
using conventional equipment, no "spook" stuff in other words. 

-------------

>From the Fall 1998 issue of the University of Southern California's
"Networ ker" magazine:

"Operating under the code-name Eligible Receiver, 35 people working for
the National Security Agency targeted unclassified computer systems
across the country.  Employing only hacking tools downloaded from the
Net and standard -issue computers, the team reportedly accessed the U.S. 
Pacific Command in Hawaii - in charge of 100,000 troops - among other
targets. 

"'We didn't really let them take down the power system in the country,
but we made them prove that they knew how to do it,' Deputy Secretary of
Defens e John Hamre told the press. 

"Before Eligible Receiver, what you had was a bunch of driven geeks and
a f ew admirals and generals dotted around who said that 'this is really
import ant stuff' and a bunch of traditionalists who were saying 'yeah,
right.  It' s all just rubbish, really,' says Adams.  'Well, Eligible
Receiver gave ever yone a very nasty shock because it showed that the
whole system could be de vastated,' he adds."

Editor's note: James Adams wrote a book called "The Next World War,"
publis hed in 1998, that based most of its premises that computers would
fight all future wars on Pentagon claims like "Eligible Receiver." The
book was pill oried for passing on myths and April Fool's jokes, such as
the Gulf War vir us hoax, as fact. 

"[Eligible Receiver] resonated at the Department of Defense, which has
2.1 million computers, 100,000 local area networks, and more than 100
long-dist ance networks.  Eligible Receiver was 'a very telling example
for all of the senior leadership here,' says Susan Hansen, a [Pentagon
flack] for Secreta ry of Defense William Cohen. 

-------------

>From a USIA interview (published in November 1998) with reporter James
Adam s, here advertised as the CEO of "Infrastructure Defense," a firm
started t o help protect from potential Eligible Receivers:

"The 'hackers' taking part in the exercise -- called Eligible Receiver
-- w ere, in fact, U.S.government employees.  They were given no advance
intellig ence.  They bought their laptops from a local computer store. 

"The hackers successfully demonstrated that they could with ease break
into the power grids of all the major U.S.  cities -- from Los Angeles
to Chicag o to Washington, D.C., to New York -- that were linked to the
U.S.  capabili ty to deploy forces.  At the same time they were able to
break into the -911 - emergency telephone system and could comfortably
have taken both of those networks down .  .  ."

-------------

>From a September 2, 1998, Jane's Defense Weekly piece on information
warfar e and the Department of Defense:

"In one Joint Chiefs of Staff simulation, known as Eligible Receiver, US
of ficials posing as terrorists were able to shut down key command and
control systems at US Pacific Command headquarters."

-------------

In an August 2, 1998 story by Cox Newspapers' by Andrew Glass entitled:
"Ta rget America: Computer Warfare," the Pentagon grail is credited with
turnin g off all operations of the DoD's Pacific Ocean/Asian command as
well as th e 911 system. 

Sun Tzu -- an ancient and quite dead Chinese military philosopher -- is
cre dited with the germ of the idea, too, somehow. 

"Last June, the National Security Agency staged a 'red team' exercise,
code -named Eligible Receiver, in which agents pretending to be North
Koreans in filtrated the command-and-control facilities of the U.S. 
Pacific Command in Honolulu --- demonstrating their ability to
neutralize most U.S.  armed for ces from Okinawa to San Diego for many
hours without firing a shot. 

"Attaining 100 victories in 100 battles is not the pinnacle of
excellence," [Sun Tzu] wrote in 'The Art of War,' the earliest known
treatise on milita ry science.  'Subjugating the enemy's army without
fighting is the true pinn acle of excellence.'"

And, further on:

"Appearing last June before the Senate Judiciary subcommittee on
technology , terrorism and government information, Ellie Padgett, deputy
chief of the NSA's office of defensive information warfare, told of one
aspect of the wo rrisome success in Eligible Receiver. 

In a phase of the exercise that simulated attacks, she said, 'we
scripted ( an) Internet message (that) would be sent out to everybody
saying there was a problem with the 911 system, understanding that human
nature would resul t in people calling the 911 system to see if there
was a problem' --- thus causing the overloaded phone system to crash."

-------------

In a speech in Aspen, Colorado, in late July 1998, the Pentagon's John
Hamr e said of Eligible Receiver: "A year ago, concerned for this, the
departmen t undertook the first systematic exercise to determine the
nation's vulnera bility and the department's vulnerability to cyber war. 
And it was startlin g, frankly.  We got about 30, 35 folks who became
the attackers, the red tea m .  .  .  We didn't really let them take
down the power system in the country , but we made them prove that they
knew how to do it."

-------------

>From a June 1998 Congressional Governmental Affairs Committee meeting
chair ed by Congressman and former actor Fred Thompson who played a
naval command er in the movie adaptation of Tom Clancy's "The Hunt for
Red October":

"Lt.  General Minihan, the Director of the National Security Agency,
will id entify in greater detail the nation's vulnerability as revealed
in a recent war game known as Eligible Receiver.  The Committee also
will explore wheth er the [Y2K] problem will increase America's
vulnerability to attack.  As we approach the 21st century, will
terrorists and rogue nations test their in formation warfare weapons
without fear of being caught and insert data smar t bombs into the
nation's computers for use at a later date?"

-------------

>From a May 24, 1998 story in the Washington Post written by Bradley
Graham:

"Many details of the exercise, dubbed Eligible Receiver, remain closely
hel d.  But according to official sources, a group of 35 NSA specialists
simulat ed a series of rolling power outages and 911 emergency phone
overloads in W ashington and a handful of other cities.  They showed
that large-scale black outs could be caused by targeting computerized
sensing and control devices known as Supervisory Control and Data
Acquisition systems, which have becom e common substitutes for human
monitors in operating electrical, oil, gas, transportation and water
treatment systems."

-------------

>From an April 23, 1998 press conference led by Kenneth Bacon, the
Pentagon' s head flack:

"And that was one of the, as I said, one of the signal achievements of
the exercise the Joint Staff ran, ELIGIBLE RECEIVER, to improve the
awareness o f people within the Department of what the computer security
issue is."

Other relevant links:

  a.. About the Crypt Newsletter.
  b.. The Crypt Newsletter Guide to Electronic Pearl Harbor.
  c.. The Crypt Newsletter Guide to Tech Terminology.
  d.. Back to Crypt Newsletter
  Send a comment: George Smith, Editor
copyright 1999 Crypt Newsletter. All rights reserved.

------------------------ Yahoo! Groups Sponsor ---------------------~-->
HOW to SEE & RECORD EVERYTHING!
TINY Camera for Under $80 BUCKS! PRICE BREAKTHROUGH --> CLICK!
http://us.click.yahoo.com/w7toOC/.o6DAA/yigFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Next message: Fred Cohen: "[iwar] News article of possible interest"
Previous message: televr: "[iwar] Coordinating PR a problem for coalition"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
This archive was generated by hypermail 2.1.2 : 2003-08-24 02:46:31 PDT