Get Ready for Cyberwarsgreenspun.com : LUSENET : Grassroots Information Coordination Center (GICC) : One Thread
Get Ready for Cyberwars By Ron Chepesiuk
Many may not know it but China and the United States have been at war — not with soldiers or bombs, but rather with geeks and computers. In May, American computer hackers mounted attacks on Chinese Web sites and their Chinese counterparts began retaliating in earnest. The "cyberwar," so far, has been pretty tame. That could change, however.
When the cyberwar finally ended in mid-May, analysts took stock of the damage and estimated that the hackers had struck a few hundred Web sites with messages paying tribute to the Chinese government. But the analysts also downplayed the episode and the media’s use of the term "cyberwar" to describe what happened.
"It was a geek war, minor stuff, that didn’t directly involved the Chinese and U.S. governments," said Adam Keiper, president of the Center for the Study of Technology and Security in Washington, D.C. "The damage was minimal. After all, no banks were broken into, no electric power grids crashed, and no air service was disrupted."
The Web site for the White House Historical Association, is a typical example of the extent of damage hackers inflicted. When the Historical Association received e-mails asking the strange question, Why do you have Chinese flags on your web site?, the manager found on the home page, the PRC flag, which didn’t exactly mesh with the pictures of Abraham Lincoln and George Washington next to it.
Keiper added that the U.S.-China hacker spate did do one positive thing: " It drew attention to the potential dangers that cyber attacks pose to economic and security systems and to the serious consequences that might result from such actions."
What happened in cyberspace between China and the United States last spring foreshadows how conflicts will be fought in the future. Cyberspace will be the major battlefield of the 21st century, analysts have predicted, and a country’s primary military objective will be to shut down the enemy’s computer system, not blow up its military installations or shoot down its planes. Such a scenario will have serious implications for businesses and economic systems.
"I see no evidence to indicate that the United States is doing enough to protect its economic system," said Chris Rush, president of Chris Rush and Associates, a White Plains, N.Y.-based consulting firm.
Added Rush: "Cyber hacking has become a worldwide problem. I don’t think there is a country in the world that hasn’t experienced it at one time or another."
Indeed, there have been several incidents in the last two years that give a chilling picture of the type of cyber warfare that will fought in the future:
— In April 1998, computer hackers threatened to sabotage Indonesia are banking system if the country rejected the upcoming vote on East Timor independence. East Timor resistance leader Jose Horta warned that hackers were designing a dozen computer viruses to infect computers if the ballot on the territory’s future was fraudulent.
— Last year, a group of Pakistani hackers used the conflict in Kasmir as reason to deface 600 Web sites in India and to take temporary control of several Indian government and private computer systems. Much of the group’s damage came in one attack, when they broke into IndiaLinks, India’s largest Internet service provider, and defaced more than 500 sites hosted by the company, including many owned by businesses.
— Last February, computer hackers from the China launched hacker attacks against major Japanese companies as retaliation against what they perceived as Japan’s increasing hard-line against China. Slogans put on the defaced Web pages included "Down with Japanese militarism" and "Kill all Japs."
— From March 1999 to April 2000, there were 89 hacker attacks on 60 government agencies in Malaysia, which included sensitive data carrying departments such as the treasury, immigration, public works and social security. Also hit were several non-government sites, including Hong Leong, Malaysian Airlines and MidValley Mega Mall.
— On May 15, a South Korean government security agency blamed the Sino-U.S. cyber war for the 164 cyber attacks on South Korean Web sites that had occurred since the previous May 4. Computer analysts told the Times of India that American and Chinese hackers were using Korea to get into rival countries’ computer systems without revealing their identity. South Korea has extensive computer links with both China and the United States.
The reported cyber attacks are just the tip of the iceberg, the experts say. "Many governments and companies consider it bad practice to reveal that they have become a victim of a successful computer attack," Keiper explained.
On the Defense
Many countries have moved to defend themselves against cyber conflict by developing the capacity to launch counter attacks that can wreck havoc on the enemy’s computer systems. In addition to the United States and China, these countries include North Korea, Britain, Cuba, Iraq, Libya, Israel, France and Taiwan.
Since the late 1990s, China and Taiwan have been in a hacking war. In August 1999, for example, after Taiwan President Teng Hui-Lee propounded the "two state theory" of China, Chinese and Taiwanese hackers bombarded each country’s Web sites with crude messages. In 1999, the media reported that the PRC was getting ready to spend billions of dollars on a high-tech upgrade of the People’s Liberation Army to prepare the country for future cyber war with Taiwan and its allies. In January 2000, Agente France Press reported that to defend itself, Taiwan had developed approximately 1,000 computer viruses.
"Taiwan has one of the world’s largest computer software and hardware manufacturing bases," said D.K. Matai, managing director of the British-based Mi2. "The computer software programmers in Taiwan are world class. Our view is that getting involved in any kind of conflict with Taiwan, given the kind of intellectual capacity the country has, may prove detrimental."
The Chinese government has been quite open about its future strategic military objective. In paper appearing in the spring issue of China Military Science journal, a member of the Chinese Committee of Science, Technology and Industry of the System Engineering Institute, wrote: "We are in the midst of a new technology in which electronic information technology is the central technology. The technology provides unprecedented applications for the development of new weaponry … Military battles during the 21st century will unfold around the use of information for military and political goals."
Meanwhile in the United States, the U.S. Space Command has been building offensive computer weapons to use against its enemies, it announced in fall 2000. Secretary of Defense Donald Rumsfeld has ranked cyber warfare a major national security threat and made the protection of intelligence, communications, logistics, navigation and military computer functions the United State’s top priority.
What kind of viruses will the United States unleash against its enemies if cyber war becomes a reality? They include so-called "Trojan horse" viruses that can be put into an enemy’s computer systems; logic bombs that can be triggered on command; "sniffer" programs that eavesdrop, monitor and then steal data from networks; and programs called worms that can reproduce themselves and cause networks to overload.
In the past decade, information technology has become critical to the global economy. That means Asian American businesses need to protect themselves against the threat, security analysts advise. Businesses need to determine what resources they want to protect, what valuable data is stored in their computer system, and what security risks are associated with it. In a recent University of Michigan study, 93.6 percent of the 200 businesses surveyed said computer crime struck their operation at least once.
"Hackers view the United States as a special challenge," Rush said. "Just because a business is small doesn’t mean that it isn’t vulnerable to cyber attack. A business, whatever its size, should have cyber security measures in place."
But preparing for disaster is only the beginning. As the Internet evolves, information systems will become more complicated and hacker skills more sophisticated, the ability to protect ones interests can only become increasingly difficult.
Said Keiper: "The vulnerability to cyber attack will increase as we become more and more dependent on the Internet in terms of information technology."
-- Martin Thompson (firstname.lastname@example.org), August 04, 2001
Cyberterrorism is the "never ending Y2K". The immediate cause isn't the same, but the underlying fundamental cause is the same: Overdependence on Information Technology. More important, the potential effects are similar: Widespread and sudden infrastructure disruption, but of unknown timing. Hopefully, the relatively minor hacking done so far is serving as a "warning shot" to beef up security, and prevent or at least cushion the Real McCoy when it hits. If so, it will be like a "medium case" rather than a "worst case" Y2K-like infrastructure meltdown.
Unlike Y2K, this threat the U.S. Government acknowledges and does not cover up. See http://www.nipc.gov, esp. "Frequently Asked Questions". The "buzz words" are the same: Cascading effects, interdependencies, mission critical, disruption, overdependence on Information Technology . . .
-- Robert Riggs (email@example.com), August 05, 2001.