Return-Path: <sentto-279987-4604-1017848020-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Wed, 03 Apr 2002 07:37:08 -0800 (PST) Received: (qmail 11867 invoked by uid 510); 3 Apr 2002 15:34:44 -0000 Received: from n5.grp.scd.yahoo.com (66.218.66.89) by all.net with SMTP; 3 Apr 2002 15:34:44 -0000 X-eGroups-Return: sentto-279987-4604-1017848020-fc=all.net@returns.groups.yahoo.com Received: from [66.218.67.193] by n5.grp.scd.yahoo.com with NNFMP; 03 Apr 2002 15:33:40 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_3_1); 3 Apr 2002 15:33:39 -0000 Received: (qmail 5847 invoked from network); 3 Apr 2002 15:33:36 -0000 Received: from unknown (66.218.66.217) by m11.grp.scd.yahoo.com with QMQP; 3 Apr 2002 15:33:36 -0000 Received: from unknown (HELO red.all.net) (12.232.72.152) by mta2.grp.scd.yahoo.com with SMTP; 3 Apr 2002 15:33:35 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g33FYm932710 for iwar@onelist.com; Wed, 3 Apr 2002 07:34:48 -0800 Message-Id: <200204031534.g33FYm932710@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 3 Apr 2002 07:34:48 -0800 (PST) Subject: [iwar] The meaning of Elligible Receiver Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit The meaning of Eligible Receiver. =46rom the Crypt Newsletter (JOSEPH K) Guide To Tech Terminology: Eligible Receiver: A Pentagon ghost story repeated ad nauseum to journalist s and the easily frightened in which ludicrous or totally unsubstantiated c laims about menaces from cyberspace are passed off as astonishing deeds of techno-legerdemain performed by cybersoldiers working within a highly class ified wargame. Usage: Author James Adams claimed in Techweek magazine that Pentagon hacker s employed in Eligible Receiver "did more than the massed might of Saddam H ussein's armies, than the Nazis in the Second World War." --------------------------------------------------------------------------- ----- Since its first appearance in 1997, Eligible Receiver, like the phrase "ele ctronic Pearl Harbor," has become a good watermark for identification of un critical, unsophisticated journalism addressing the potential for cyberterr orism to lay low the nation. Although never substantiated with solid proof by Pentagon leadership, Eligi ble Receiver has become an article of faith in the mainstream newsmedia and still appears quite regularly since its genesis almost three years ago as prima facie evidence of what hackers could do to plunge the empire into cha os. Characteristics of invocations of Eligible Receiver can include any or all of the following: there were 20, or 25, or 35, or 50 hackers; the hackers w ere from or hired by: [the Pentagon, the NSA, the Joint Staff], the nationa l power grid was taken down, the 911 service was taken down, troop movement s were disrupted, the hackers were more powerful than Nazi armies in World War II, laptops were bought, laptops were stolen, software was bought off-t he-shelf, software was obtained from the Net, unspecified secret computer s ystems were compromised and/or unspecified public computer systems were com promised. Here then, a selection of examples of Eligible Receiver in the news: ------------- On October 9, 1999, the Los Angeles Times published a story on the Pentagon 's Moonlight Maze hysteria entitled: "In Theory, Reality, US Open to Cyber- Attack -- An NSA test exposed vulnerability of critical computer systems to hackers; Outside assault proved it." The piece continued the trend of inexplicably poor reporting on Moonlight M aze by the Times and Bob Drogin. [NB: See for a specific media media analysis of the Moonlight Maze fiasco.] In paragraph seventeen, buried near the end of the Los Angeles Times piece, Drogin writes: "Indeed, the evidence suggests a certain amount of hype and hysteria have overshadowed the reality of cyberspace." It was an inadvertently telling choice of words, for in just the story's se cond paragraph -- one of the piece's impact points -- Drogin fell prey to t he same phenomenon. Drogin invoked the Pentagon ghost story of Eligible Receiver -- the secret DoD wargame conducted two years ago which proponents of "electronic Pearl H arbor" insist demonstrated the nation could be flattened by cyberattack. Drogin wrote: "The [Eligible Receiver] hackers broke into networks that dir ect 911 emergency systems." It was a clear and rather extravagant error. Appearing in June of 1998 to testify before Congress, Ellie Padgett, deputy chief of the National Security Agency's office of defensive information wa rfare spoke of how Eligible Receiver addressed the alleged vulnerability of the 911 phone system. In a _simulated_ exercise, Padgett said, "we scripted (an) Internet message (that) would be sent out to everybody saying there was a problem with the 911 system, understanding that human nature would result in people calling the 911 system to see if there was a problem." The working idea in this part of Eligible Receiver revolved around the hypo thesis that many people viewing the message on the Internet in a newsgroup might panic and phone their local 911 trunk, causing a jam-up on the line. "It can probably be done, this sort of an attack, by a handful of folks wor king together . . ." Padgett said. This is an extremely far cry from Drogin's assertion that the 911 system wa s broken into by alleged Eligible Receiver hackers. In fact, it has nothing at all to do with breaking into a 911 computer system, whatever that might be. However, it is consistent, thematically, with the flavor of the mythology p ropagated on Eligible Receiver and, now, Moonlight Maze. In fact, during an interview with Crypt Newsletter in the summer of 1998 co ncerning Eligible Receiver, a Pentagon spokeswoman for the affair asserted "no actual switching systems" were broken into at any time during Eligible Receiver. She went on to say that Eligible Receiver had only simulated thes e attacks on NSA computer networks set up to emulate potential domestic nat ional systems. Nevertheless, Drogin also wrote in paragraph two of the Times piece: "In le ss than three months, the [Eligible Receiver hackers] secretly penetrated c omputers that control electrical grids in Los Angeles, Washington, and othe r major cities." The lead claims in the Los Angeles Times article are the framing points for a larger discussion on how Moonlight Maze has publicly proved what the Eli gible Receiver exercise secretly demonstrated two years ago, which constitu tes another rather extensive leap in linking the facts that are known about both. Drogin quoted from counter-terrorist "czar" Richard Clarke: "An enemy could systematically disrupt banking, transportation, utilities, finance, government functions and defense." The Clarke quotes are functionally identical to the same statements made fo r Signal magazine in August of this year when it was suggested that the Fre edom of Information Act could be "modified" as part of a plan to help prote ct us from cyberattack. They add nothing to the actual body of knowledge on Moonlight Maze. For the complete Clarke-uttered propaganda published in August see the "ele ctronic Pearl Harbor" archive. "It's cheaper and easier than building a nuclear weapon," said Clarke for t he LA Times. Buried in Drogin's piece was comment by John Gilligan who "directs informat ion technology and information systems at the [Department of Energy.]" Gilligan, while talking about hacker attacks, "[also argued] that the dange r is usually overstated," according to the Times. "To get access to the electricity grid computers, to start to shut some of the grid, you have to really work at it . . . To do a Pearl Harbor, you nee d a lot of inside information." ------------- The September 19, 1999, issue of New Scientist magazine invoked the mythos as an example of what "cyberwar" could do in an article entitled: "To the v irtual barricades." "[Electronic Pearl Harbor" can be done -- as was demonstrated two years ago when the US Department of Defense conducted a 'war game' to test its defen ces against cyber attacks. In an operation dubbed Eligible Receiver, fifty hackers tried to infiltrate DoD systems using only the simplest of hacking tools. "Their task was to simulate an attack from North Korea. Despite the best ef forts of the DoD, intelligence and security agencies, and the private secto r . . . the hackers reduced a virtual electricity grid to 50 per cent effec tiveness in just seven days." ------------- On June 26, 1999, the Christian Science Monitor featured a story entitled: "The hidden dangers of information warfare." The Monitor's reporter cited the Pentagon's secret exercise, Eligible Recei ver, in the standard manner. ". . . Operation Eligible Receiver demonstrated the potential vulnerability of the U.S. government's information systems. The National Security Agency hired 35 hackers to launch simulated attacks on the national information s tructure. The hackers obtained 'root access' - the highest level of control - in 36 of the government's 40,000 networks. "If the exercise had been real, the attackers would have been able to creat e power outages across Los Angeles, Chicago, Washington, and New York. They could have disrupted the Department of Defense's communication systems (ta king out most of the Pacific Command) and gained access to computer systems aboard U.S. Navy vessels. "It was a disturbing exercise. So much so, that several top White House off icials have spoken of the possibility of an 'electronic Pearl Harbor' attac k on the U.S. mainland. Added to these vulnerabilities is the fact that mos t Americans have no sense of how information warfare will affect them." Further along, the Monitor called upon James Adams, appearing here as CEO o f IDefense -- a firm that advertises its skill in preventing potential "Eli gible Receivers," to provide the pro forma warnings. "It is a very serious problem," said Adams for the Monitor. ------------- >From the April 1999 issue of "Government Executive," a reporter writes on t he danger of cyberterror to the national networks: "The liability posed by such dependence became clear when the Pentagon cond ucted an exercise known as Eligible Receiver in 1997. Using off-the-shelf t echnology and software downloaded from hacker Web sites, a team of about 20 employees from the National Security Agency hacked into unclassified Penta gon computer systems. The surprise exercise, designed to expose weaknesses in computer security, succeeded beyond the planners' wildest expectations. Among other things, the exercise showed how hackers might disrupt troop dep loyments. "It was startling," [Deputy Defense Secretary] John Hamre said. 'We didn't really let them take down the power system in the country, but we made them prove that they knew how to do it.'" ------------- =46rom an April 22, 1999, issue of "Inside the Army:" "Two years after Eligible Receiver, a joint exercise conducted by DOD in wh ich virtual 'terrorists' used stolen hardware from a government facility to gain control over secret computer systems without being detected, the mili tary finds itself 'in full-scale conflict,' [Deputy Secretary of Defense] J ohn Hamre said. Important lessons learned over this period include 'that cy perspace ain't for geeks, it's for warriors,' he said." ------------- >From a March 22, 1999 report by Associated Press writer Laura Myers entitle d "Study Finds Hacker Threat a Real Danger." Reporter Myers appears to be o nly vaguely familiar with the Pentagon claim and gets a figure wrong. This is hardly a liability for the mythos. Even Pentagon proponents of "Eli gible Receiver" can't seem to agree on the number of people involved. Myers nevertheless passes on the growing legend as proof of national danger: "In 1997, a national security team of about 20 people, in a cyberwar game [ Eligible Receiver] lasting three months, gained access to unclassified Pent agon computers, giving the team the ability to disrupt troops movements." ------------- >From an interview on cyberterrorism conducted with Senator John Kyl by the United States Information Agency (USIA), published in November 1998: Kyl: Well, [cyberterrorism is] surprisingly easy. It's hard to quantify tha t in words, but there have been some exercises run recently. One that's bee n in the media, called Eligible Receiver, demonstrated in real terms how vu lnerable the transportation grid, the electricity grid, and others are to a n attack by, literally, hackers -- people using conventional equipment, no "spook" stuff in other words. ------------- >From the Fall 1998 issue of the University of Southern California's "Networ ker" magazine: "Operating under the code-name Eligible Receiver, 35 people working for the National Security Agency targeted unclassified computer systems across the country. Employing only hacking tools downloaded from the Net and standard -issue computers, the team reportedly accessed the U.S. Pacific Command in Hawaii - in charge of 100,000 troops - among other targets. "'We didn't really let them take down the power system in the country, but we made them prove that they knew how to do it,' Deputy Secretary of Defens e John Hamre told the press. "Before Eligible Receiver, what you had was a bunch of driven geeks and a f ew admirals and generals dotted around who said that 'this is really import ant stuff' and a bunch of traditionalists who were saying 'yeah, right. It' s all just rubbish, really,' says Adams. 'Well, Eligible Receiver gave ever yone a very nasty shock because it showed that the whole system could be de vastated,' he adds." Editor's note: James Adams wrote a book called "The Next World War," publis hed in 1998, that based most of its premises that computers would fight all future wars on Pentagon claims like "Eligible Receiver." The book was pill oried for passing on myths and April Fool's jokes, such as the Gulf War vir us hoax, as fact. "[Eligible Receiver] resonated at the Department of Defense, which has 2.1 million computers, 100,000 local area networks, and more than 100 long-dist ance networks. Eligible Receiver was 'a very telling example for all of the senior leadership here,' says Susan Hansen, a [Pentagon flack] for Secreta ry of Defense William Cohen. ------------- >From a USIA interview (published in November 1998) with reporter James Adam s, here advertised as the CEO of "Infrastructure Defense," a firm started t o help protect from potential Eligible Receivers: "The 'hackers' taking part in the exercise -- called Eligible Receiver -- w ere, in fact, U.S.government employees. They were given no advance intellig ence. They bought their laptops from a local computer store. "The hackers successfully demonstrated that they could with ease break into the power grids of all the major U.S. cities -- from Los Angeles to Chicag o to Washington, D.C., to New York -- that were linked to the U.S. capabili ty to deploy forces. At the same time they were able to break into the -911 - emergency telephone system and could comfortably have taken both of those networks down . . ." ------------- >From a September 2, 1998, Jane's Defense Weekly piece on information warfar e and the Department of Defense: "In one Joint Chiefs of Staff simulation, known as Eligible Receiver, US of ficials posing as terrorists were able to shut down key command and control systems at US Pacific Command headquarters." ------------- In an August 2, 1998 story by Cox Newspapers' by Andrew Glass entitled: "Ta rget America: Computer Warfare," the Pentagon grail is credited with turnin g off all operations of the DoD's Pacific Ocean/Asian command as well as th e 911 system. Sun Tzu -- an ancient and quite dead Chinese military philosopher -- is cre dited with the germ of the idea, too, somehow. "Last June, the National Security Agency staged a 'red team' exercise, code -named Eligible Receiver, in which agents pretending to be North Koreans in filtrated the command-and-control facilities of the U.S. Pacific Command in Honolulu --- demonstrating their ability to neutralize most U.S. armed for ces from Okinawa to San Diego for many hours without firing a shot. "Attaining 100 victories in 100 battles is not the pinnacle of excellence," [Sun Tzu] wrote in 'The Art of War,' the earliest known treatise on milita ry science. 'Subjugating the enemy's army without fighting is the true pinn acle of excellence.'" And, further on: "Appearing last June before the Senate Judiciary subcommittee on technology , terrorism and government information, Ellie Padgett, deputy chief of the NSA's office of defensive information warfare, told of one aspect of the wo rrisome success in Eligible Receiver. In a phase of the exercise that simulated attacks, she said, 'we scripted ( an) Internet message (that) would be sent out to everybody saying there was a problem with the 911 system, understanding that human nature would resul t in people calling the 911 system to see if there was a problem' --- thus causing the overloaded phone system to crash." ------------- In a speech in Aspen, Colorado, in late July 1998, the Pentagon's John Hamr e said of Eligible Receiver: "A year ago, concerned for this, the departmen t undertook the first systematic exercise to determine the nation's vulnera bility and the department's vulnerability to cyber war. And it was startlin g, frankly. We got about 30, 35 folks who became the attackers, the red tea m . . . We didn't really let them take down the power system in the country , but we made them prove that they knew how to do it." ------------- >From a June 1998 Congressional Governmental Affairs Committee meeting chair ed by Congressman and former actor Fred Thompson who played a naval command er in the movie adaptation of Tom Clancy's "The Hunt for Red October": "Lt. General Minihan, the Director of the National Security Agency, will id entify in greater detail the nation's vulnerability as revealed in a recent war game known as Eligible Receiver. The Committee also will explore wheth er the [Y2K] problem will increase America's vulnerability to attack. As we approach the 21st century, will terrorists and rogue nations test their in formation warfare weapons without fear of being caught and insert data smar t bombs into the nation's computers for use at a later date?" ------------- >From a May 24, 1998 story in the Washington Post written by Bradley Graham: "Many details of the exercise, dubbed Eligible Receiver, remain closely hel d. But according to official sources, a group of 35 NSA specialists simulat ed a series of rolling power outages and 911 emergency phone overloads in W ashington and a handful of other cities. They showed that large-scale black outs could be caused by targeting computerized sensing and control devices known as Supervisory Control and Data Acquisition systems, which have becom e common substitutes for human monitors in operating electrical, oil, gas, transportation and water treatment systems." ------------- >From an April 23, 1998 press conference led by Kenneth Bacon, the Pentagon' s head flack: "And that was one of the, as I said, one of the signal achievements of the exercise the Joint Staff ran, ELIGIBLE RECEIVER, to improve the awareness o f people within the Department of what the computer security issue is." Other relevant links: a.. About the Crypt Newsletter. b.. The Crypt Newsletter Guide to Electronic Pearl Harbor. c.. The Crypt Newsletter Guide to Tech Terminology. d.. Back to Crypt Newsletter Send a comment: George Smith, Editor copyright 1999 Crypt Newsletter. All rights reserved. ------------------------ Yahoo! Groups Sponsor ---------------------~--> HOW to SEE & RECORD EVERYTHING! TINY Camera for Under $80 BUCKS! PRICE BREAKTHROUGH --> CLICK! http://us.click.yahoo.com/w7toOC/.o6DAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2003-08-24 02:46:31 PDT