July 18, 2001

Cyber-attacks threaten Canada: CSIS

Terrorism goes online: Rogue nations using computers as weapons: sources

Stewart Bell National Post Extremists and hostile spies have been developing information warfare expertise that could cripple Canada's computer-dependent society within a decade, the Canadian Security Intelligence Service (CSIS) said in a report released yesterday.

The report places "weapons of mass corruption" on the list of threats to Canada's national security -- an admission that terrorists are treating computers and online networks as an untapped tool of modern political violence.

The attraction of cyber-terrorism is that anyone with a computer and modem can disrupt such essential services as banking, government and electrical grids without ever leaving the protection of a hideout, the report says.

"Information operations could be used to target national information systems from anywhere in the world using inexpensive hardware and software," it says. The result would be "significant social, political and economic" damage.

The report quotes U.S. sources as saying Russia, China, India and Cuba have acknowledged they are preparing for cyber-war, while the rogue regimes in Iraq, Libya, Iran, Syria and North Korea have some capabilities.

Although many countries are developing information weapons, few can currently mount an attack that would bring another nation to a standstill. "However, some could develop the required abilities to mount such attacks over the next decade," the report warns.

Computers have become an indispensible tool of warfare and insurgency. Wide-eyed radicals waving AK-47 assault rifles remain integral to violent movements, but they have been joined by a cyber-army of computer hackers who mount online attacks, send encrypted e-mail messages and run propaganda Web sites.

"We will use whatever tools we can -- e-mails, the Internet -- to facilitate jihad against the [Israeli] occupiers and their supporters," Sheik Ahmed Yassin, founder of the terrorist group Hamas, told USA Today.

"We have the best minds working with us," he said.

U.S. government computers were attacked repeatedly by hackers during the Gulf and Balkan wars. Since the recent rise in tension in the Middle East, Israeli and Palestinian groups have resorted to attacking each other's Web sites.

The Kurdish PKK, ETA in Spain and Provisional IRA are said to be developing the means to attack emergency services, air- traffic control and defence computers, according to July's edition of Jane's Intelligence Review.

"With cyber-attacks, you can shut down critical infrastructure -- electrical grids, banking systems, transportation systems -- from any place in the globe," said William Kelly, the former chair of the special Senate committee on security and intelligence.

The committee studied the threats to Canada in 1999. One of its key findings was the potential for destabilization as a result of computer attacks. It recommended the government change the Criminal Code to include laws specifically against cyber-related crime. It also said police should have access to the "keys" that would allow them backdoor access to encrypted data.

The government announced in February it was setting up a new federal agency to safeguard Canada's critical infrastructure from cyber-attacks and natural disasters. Margaret Purdy, who has a background in the intelligence field, was appointed to head the organization.

But the CSIS report acknowledges it would be impossible to guard against information attacks because the technology changes so fast.

According to figures compiled by Carnegie Mellon University, there were more than 15,000 computer security incidents in 2000, up from 10,000 in 1999, and 1,300 in 1993.

CSIS says most hacking is the work of "thrill-seeking amateurs" with no political agenda, as well as criminals and corporate spies. The security service says it is also investigating incidents of politically motivated information attacks.

Mr. Kelly said he is concerned the government may not be able to keep up with foes who have the ready cash, technology and know-how needed to cause widespread damage.

"We're far short of saying we've got this thing in hand and we don't have to worry about it," he said.

http://www.nationalpost.com/news/national/story.html?f=/stories/20010718/621766.html

-- Martin Thompson (mthom1927@aol.com), July 19, 2001