fair use, etchttp://www.usnews.com/usnews/issue/000313/cyberwar.htm

World Report 3/13/00

A glimpse of cyberwarfare Governments ready information-age tricks to use against their adversaries By Warren P. Strobel At first, the urgent phone call from the U.S. Transportation Department confounded Cheng Wang, a Long Island-based webmaster for Falun Gong, the spiritual movement that has unnerved Chinese authorities. Why did the department think his computers were attacking theirs? The answer turned out to be startling. The electronic blitz hadn't come, as it seemed, from various Falun Gong Internet sites. Rather, someone had lifted their electronic identities. Computer sleuths followed a trail back to the XinAn Information Service Center in Beijingwhere an operator identified it as part of the Ministry of Public Security, China's secret police. Web hacking, it seems, isn't just for amateurs anymore. While the recent rash of cybervandalism against some of E-commerce's biggest names has garnered headlines, that's only part of the story. From Beijing to Baku, governments and their surrogates are using the Internet to harrass political opponents and unfriendly neighbors, to go after trade secrets, and to prepare for outright warfare. Burma's military junta, for instance, is blamed for targeting the "Happy 99" E-mail virus at opponents who use the Net to advance their cause. Dissidents describe the attacks as ineptproof, perhaps, that dictatorships are still behind the hacking curve. Hack attack. But Burma is not alone in trying. In January, hackers from Azerbaijan with names like "The Green Revenge" and "Hijack" tampered with dozens of Armenian-related Web sites, including host computers in the United States. Experts suspect involvement or support from the Azerbaijani government, which imposes tight controls over Internet use within its borders. Relations are tense between Azerbaijan and Armenia, which fought a war over the disputed territory of Nagorno-Karabakh, so it wasn't long before the Armenians retaliated in kind. It is "the first precedent of a physical battle going online," says Jonathan Peizer of the Open Society Institute, whose Azerbaijani office was affected by the attack. In Cheng Wang's case, his computers in Hauppauge, N.Y., were among Falun Gong sites around the world hit by a barrage of hacking attempts and E-mail "bombs" that coincided with a physical crackdown on the group's practitioners in China. Several of the hacking incidents were traced to the mysterious XinAn office. It is often difficult to track down who is to blame. But for networked Americans, who own 46 percent of the world's computing capacity, such electronic conflict should be unsettling. True, the scariest scenarios dreamed up by experts, such as a hostile government disrupting financial markets, haven't come to passyet. But more than a dozen countriesamong them Russia, China, Iraq, Iran, and Cubaare developing significant information-warfare capabilities. A senior CIA official cited a Russian general who compared the disruptive effects of a cyberattack on a transportation or electrical grid to those of a nuclear weapon. China is considering whether to create a fourth branch of its armed services devoted to information warfare. The Pentagon isn't sitting still either. Come October, the U.S. military's offensive cyberwarfare programs will be consolidated at the U.S. Space Command in Colorado. Nearly as worrisome as a cyberattack to experts is electronic espionage. From March 1998 until last May, intruders broke into computer systems belonging to the Pentagon, NASA, the Energy Department, and universities, making away with unclassified, but still sensitive, data. One of the worst computer security breaches in U.S. history, it spawned an investigation, named Moonlight Maze, that pointed to a Russian intelligence-gathering operation. Successful cyberwar is likely to be like thatno exploding munitions to tell you you're under attack. Tapping into an adversary's command-and-control system could yield a gold mine of data about enemy plans. The longer a cyberspy conceals his presence, the longer the intelligence flows. Or, false information about troop locations and battlefield conditions could be inserted into enemy computers, so that leaders would end up making decisions based on bogus information. During the Kosovo bombing campaign last year, the Pentagon set up a high-level information-operations cell. "All the tools were in place," according to an internal briefing prepared by Adm. James Ellis, NATO's No. 2 military commander during the war. But the United States mostly held back. By the time Pentagon lawyers approved cyberstrikes against Serbia, events had overtaken the need for them. Double-edged sword. Cyberwar raises a host of unprecedented legal questions. The line between fair-game military sites and civilian infrastructure may not exist. "There is collateral damage in cyberspace," says John Thomas, formerly a top Pentagon information-security official now with AverStar Inc., an information-technology firm. "If you diddle with somebody's control mechanisms, how assured are you that it would stop right there?" The United States, more dependent on computer networks than anyone, might lose the most in legitimizing cyberwar. Some countries, including Russia, have proposed what might be called "electronic arms control." But the obstacles are daunting: Verifying a treaty would make counting Russian nuclear missiles look easy. Among the sites hacked in the Caucasus Web war was one belonging to the D.C.-based Armenian National Institute, which studies the 1915-18 Turkish genocide of Armenians. Logging onto www.armenian-genocide.org in late January, you would have been redirected to a site offering information on Azerbaijan's president. "I would certainly encourage everyone to desist, if not indeed [call] a total cease-fire," said institute Director Rouben Adalian, who reported the matter to the FBI. Jay Valentine already has his own rules. Valentine is president and CEO of Austin-based InfoGlide Corp., which makes powerful search software for such uses as insurance-fraud investigations. He will not license the technology to nine countries and three U.S. government agencies because of the potential for privacy abuse. That hasn't stopped at least one of those countries from trying. Two years ago, Valentine says, a company tried to buy rights to the technology. It turned out to be a frontfor the Chinese government. With Richard J. Newman

-- charlie (cml@workmail.com), March 04, 2000

Answers

Please Charlie, I've got to read this mess. Once you have pasted, please hit some double returns so my eyes can focus.

Tommy

-- Tommy Rogers (Been there@Just a Thought.com), March 04, 2000.

Sorry, Tommy, I guess you can see why I have a hard time on the new board. I'll try to do better, but I'm always afraid that if I alter the format too much from the copy it might be construed as some sort of "rephrasing".

-- charlie (cml@workmail.com), March 04, 2000.

Charlie, you won't be acused to be rephrasing if you post the URL, as you've done above.

Feel free to post it again, in a better format.

-- Old TB2K forum regular (freespeech@yahoo.com), March 04, 2000.