Government Warns of Information Warfare
In Tom Clancy’s novel
Debt of Honor, Jack Ryan, Clancy’s immortal hero, must fight time and the government to expose a Japanese tycoon who plans to destroy the United States by crippling the economic infrastructure by causing the stock market to crash through an online computer glitch and then take advantage while the country is in turmoil.
According to officials from the Department of Defense and FBI, and the director of the CIA, George Tenet, this plan is not so much fiction, but a possible reality the United States must immediately prepare for if the country is ever going to be able to prevent it.
Tenet told the Senate in June that China and other countries are targeting U.S. networks with information warfare technologies that could cripple telephone, electricity and other key infrastructures.
In fact, U.S. government computer systems have already been hacked, some by citizens of this country. A teenage boy was able to hack into and disrupt a Massachusetts air traffic control center. The loud alarms went off in February when two California teenagers roamed through unclassified military Web servers using statd, a program found on a variety of Unix platforms that allows a user to gain root access on a targeted Unix machine running Sun Microsystems Inc.’s Solaris operating system. Once inside, the youths created new accounts for themselves on those systems. Deputy Defense Secretary John Hamre called the assaults "the most organized and systematic attack" to date on Pentagon systems.
It is the person who taught the California hackers to do this who frightens the Federal Government. A young Israeli man, code-named Analyzer, tutored the boys in techniques that he has used to obtain access to what he claims are 400 military computer systems. Analyzer, whose real name is Ehud Tenenbaum, was arrested by Israeli police in March. Government officials fear that he may have traded his secrets and his passwords to malicious governments or terrorists.
In response to these fears, the FBI developed the National Infrastructure Protection Center (NIPC) in February of this year. The organization’s mission is to detect, deter, assess, warn of, respond to and investigate computer intrusions. Instead of just investigating and responding to attacks after they occur, the NIPC hopes to learn about attacks beforehand and try to prevent them.
Assisting the federal government and private industries is Axent Technologies Inc. (Rockville, Md., www.axent.com), an information security watchdog company. Axent works for companies to protect their information through software Axent develops and advice based on updated knowledge. To do this, Axent uses a "SWAT team" of Axent professionals who monitor typical attacks across the Internet and then publish on the Axent Web page information about the attacks and how to protect computer systems from them.
Rob Clyde, vice president and general manger at Axent, says the company uses the SWAT team to update its own software to enable it to protect against these attacks. Users access Axent’s Web site and click on SWAT, and they will be able to browse through a large selection of security and hacker home pages, and get the most updated information on recent Internet attacks. Using the SWAT team is free for anyone.
The problem for the enterprise is that for most networks to function, they have to be interconnected. The Federal Government and companies keep what information they can offline, but as Clyde says, "In order to be competitive, you have to be connected."
Clyde also complained that the punishments for hackers are so low that not enough is being done to deter these attacks from occurring. He comments, "You have the opportunity to disrupt the major parts of this country and get away with it."