A Charitable Research Foundation Devoted to Education, Consumer Protection, Scientific Advancement and Freedom...


                      


InfoWars

Information Warfare and Computer Crime


 

We traditionally think of acts of war and terrorism as a physical assault against persons or property. However, it is now clear that future terrorist acts and wars will involve information and technology to a great extent.  Infowar isn't just a concern for nations - it is a concern for businesses and individuals.

Introduction

It has become clear that many future wars and acts of terrorism will take place in cyberspace rather than in the physical world. The reason? Knowledge is power. The Internet has made the knowledge base both accessible and vulnerable. Information warfare is the act of attacking this data. Information warfare is not limited to disputes between countries; it can include corporate and economic espionage as well as bored teenagers looking to make a reputation as a hacker. And, while it takes place in cyberspace, the impact can be felt on Main Street, as critical infrastructures depend on computer controls to operate effectively.

Information Warfare (InfoWar) can be offensive or defensive. According to the Defense Science Board Task Force on Information Warfare, offensive information warfare is attractive to terrorists and armies as it is relatively inexpensive compared to the cost of developing, maintaining, and using advanced military capabilities. It may cost little to suborn an insider, create false information, manipulate information, or launch malicious logic-based weapons against an information system connected to the globally shared telecommunications infrastructure. 

Business continuity planners are naturally most interested in the defense against InfoWar. For decades, information security (InfoSec) has been a concern for both technologists and risk managers. Now that we realize the seriousness of the InfoWar threat, we need to concern ourselves with far more than passwords and dial-up access. The Internet and e-commerce have increased our vulnerabilities manyfold. We have migrated to distributed computing systems that communicate over shared networks but largely still depend on the use of fixed passwords as the first line of defense -- a carry-over from the days of the stand-alone mainframe computer. We do this even though we know that network analyzers have been and continue to be used by intruders to steal computer addresses, user identities, and user passwords from all the major Internet and unclassified military networks. Intruders then use these stolen identities and passwords to masquerade as legitimate users and enter into systems. Once in, they apply freely available software tools which ensure that they can take control of the computer and erase all traces of their entry.

Hackers (or more appropriately, crackers) are making their impact known in powerful ways. Recent e-commerce denial of service attacks have made infowar all too real for even the uninterested. During the recent conflict in Kosovo, hacking played a role in the dispute as Serbs attacked the United Nations web site.

This is just the tip of the iceberg. There is much information available on information warfare and cyberterrorism.  The information and links below should help you find your way.

Crackers

Crackers are cyber terrorists. Often inappropriately called a "hacker", a "cracker" is defined as one who perpetrates Denial of Service (DoS), cyber theft, and other acts of cyber vandalism. A hacker, on the other hand, is a term more appropriately used for programming gods and others that actually enjoy programming.

DoS attacks on e-comm leaders Yahoo!, eBay and Amazon.com led Attorney General Janet Reno to exclaim that this was a "wake-up call" on what needs to be done to improve security and to catch crackers. (see story)

"There is much to be done and I think that this was a wake-up call for everyone concerned as to what needs to be done in terms of prevention, and what we need to do in terms of holding the people responsible for it accountable," Reno said.

This was actually a new type of Internet attack. Using little-known features of Internet protocols that had not previously been regarded as vulnerabilities, Distributed Denial of Service (DDoS) attacks were carried out using vulnerable web servers at universities and other sites to send high-volume streams of pings to these large e-comm sites. Some experts believe that attacks of this form will proliferate.

Government on the Defensive

"We conclude that there is a need for extraordinary action to deal with the present and emerging challenges of defending against possible information warfare attacks on facilities, information, information systems, and networks of the United States which would seriously affect the ability of the Department of Defense to carry out its assigned missions and functions. We have observed an increasing dependency on the Defense Information Infrastructure and increasing doctrinal assumptions regarding the continued availability of that infrastructure. This dependency and these assumptions are ingredients in a recipe for a national security disaster."

Duane P. Andrews - Defense Science Board Task Force on Information Warfare (Defense)

The Defense Science Board Task Force on Information Warfare (Defense) was established at the direction of the Under Secretary of Defense for Acquisition and Technology in 1995.  The Task Force was directed to "focus on protection of information interests of national importance through the establishment and maintenance of a credible information warfare defensive capability in several areas, including deterrence." Specifically, the Task Force was asked to:

  • Identify the information users of national interest who can be attacked through the shared elements of the national information infrastructure.
  • Determine the scope of national information interests to be defended by information warfare defense and deterrence capabilities.
  • Characterize the procedures, processes, and mechanisms required to defend against various classes of threats to the national information infrastructure and the information users of national interest.
  • Identify the indications and warning, tactical warning, and attack assessment procedures, processes, and mechanisms needed to anticipate, detect, and characterize attacks on the national information infrastructure and/or attacks on the information users of national interest.
  • Identify the reasonable roles of government and the private sector, alone and in concert, in creating, managing, and operating a national information warfare-defense capability.
  • Provide specific guidelines for implementation of the Task Force's recommendations.

The full report is available on-line.

CERT to the Rescue

The Computer Emergency Response Team (CERT) combined with the CERT/Coordination Center is the preeminent computer incident response team and a model for numerous similar teams.  CERT is part of the Software Engineering Institute (SEI), a federally funded research and development center established in 1984 by the U.S. Department of Defense with a broad charter to address the transition of software engineering technology. The SEI is an integral component of Carnegie Mellon University and is sponsored by the Office of the Under Secretary of Defense for Acquisition.  The CERT Coordination Center (CERT/CC) is a major reporting center for Internet security problems.

CERT was established after the Morris Worm incident in 1988 and originally worked almost exclusively on incident response. Since then, they have worked to help start other incident response teams, coordinate the efforts of teams when responding to large-scale incidents, provide training to incident response professionals, and research the causes of security vulnerabilities, prevention of vulnerabilities, system security improvement, and survivability of large-scale networks.

CERT offers a number of resources for computer incident response:

CERT Advisory Mail List

CERT Overview on Incident and Vulnerability Trends

Common Terminology Project (PDF file - Requires Adobe Acrobat Reader)

LINKS

Resources

Get anti-virus protection from McAfee.com. They offer free virus news and also have a free virus map that offers a real-time, bird's-eye view of where the latest viruses are infecting computers worldwide.

ZoneAlarm Pro provides powerful security for individual and networked PCs in a small or home office environment.

alt.comp.virus FAQ 

Sites

ISSA (Information Systems Security Association)

U.S. Critical Infrastructure Assurance Office

President's Commission on Critical Infrastructure Protection

Infowar.com and info-sec.com

Internet/Network Security BBS

ARC InfoWar

State of Texas Information Resources Asset Protection Information Exchange

ARIA

Journal of Infrastructural Warfare

ASIS (American Society for Industrial Security)

BOOKS

The Art of Information Warfare: Insight into the Knowledge Warrior Philosophy

Information Warfare : Principles and Operations

Cyberwar: Security, Strategy, and Conflict in the Information Age

ICSA Guide to Cryptography

Time Based Security

Information Warfare : Chaos on the Electronic Superhighway

Strategic Information Warfare : A New Face of War

In Athena's Camp : Preparing for Conflict in the Information Age

The Future of War : Power, Technology and American World Dominance in the 21st Century

Defending Your Digital Assets Against Hackers, Crackers, Spies & Thieves