Electro-paranoia

Cynical predictions of a cyberterrorist threat have generated the hysteria which frightens companies into paying for redundant security
September 19, 2002

In the summer of 1997 a top secret exercise, code-named Eligible Receiver, took place in Washington DC. The Department of Defence purchased around 30 computers and secretly installed them out of the reach of neighbouring government systems, connecting them to the outside world only through an internet service provider. Analysts were brought in from the NSA and given an assignment to "take down" the US. The results of this exercise, still classified, remain a source of dispute to this day.

There are two schools of thought as to what happened during the three months in which the US attacked its own electronic infrastructure. According to former Deputy Secretary of Defence John J Hamre, "a small handful of computer specialists can now wage war against the largest country in the world," and, in the words of Richard Clarke, the president's special adviser for cyberspace security, the analysts "had control of numerous significant computer systems." The media reported that the hackers had compromised the power grids of Washington, New York and Los Angeles, disrupted 911 service and shut down communications between the defence department and various Navy vessels.

The more sceptical view was summed up in the Los Angeles Times: "hype and hysteria have overshadowed... reality." The compromised power grids, according to New Scientist, were "virtual" ones. Former NSA cyberterror specialist Ellie Padgett disclosed that the disruption of 911 service consisted of the "scripting" of an "internet message" (translation: writing an e-mail) which "would be sent out to everybody saying there was a problem with the 911 system," in the hope of jamming telephone lines.

Eligible Receiver was allegedly an early warning of an "electronic Pearl Harbor", a phrase that has given rise to much military obfuscation and a multi-billion dollar industry whose most vocal advocate is Winn Schwartau, author of Information Warfare. Through his website, infowar.com, and frequent television soundbites, Schwartau propagates the notion that cyber-armageddon is just around the corner. "A recognised nation state launches a cyber-attack against the north-east power grid," he intones in his book Cybershock. "Power is down for three weeks from New York to Bangor, Maine. Hundreds of people die." There is no explanation of how the "north-east power grid" is shut down, why it takes three weeks to restore power, or how real communities survive power cuts without many more deaths. The point of all this scaremongering is, one assumes, to frighten people into buying the security solutions available through infowar.com's corporate sponsors or Schwartau's company, Interpact Inc.

The academic literature on cyberterrorism likewise offers little rigorous analysis. A 2001 report from the Institute for Security Technology Studies at Dartmouth College argues that information warfare is "increasing in volume, sophistication and coordination." Yet none of its case studies profile attacks more sophisticated than website defacement or denial of service. Eligible Receiver is cited as the only proof that the US's infrastructure is open to attack. The report insinuates that since several internet worms have allegedly originated in China, there must be collusion between Chinese hackers and their government.

Testifying before the US Senate, Georgetown University professor Dorothy E Denning cited several case studies which "could have" resulted in information warfare. Aum Shinrikyo cult members "could have" planted malicious code in software developed for Japan's police; US emergency services exposed during (of course) Eligible Receiver "could be" disrupted. The dustjacket to Denning's 1999 book, Information Warfare and Security, suggests that "hacked" planes could end up plummeting from the sky. Inside, we're asked to ponder the suggestion that an information terrorist might cause "food supplies to be poisoned" and "economies to collapse."

The defence consultant community profits from this cyber-hysteria. Experts from companies like iDEFENSE, Computer Associates and Riptech are regularly cited in news stories, selling the message that a day of reckoning is to come unless businesses shore up their electronic defences.

This rhetoric brings to mind the last all-hands alert: Y2K. As if the malfunction of computer infrastructure wasn't enough, a plague of viruses was predicted that would take advantage of Y2K. Richard Clarke warned in the New York Times that "cyberterrorists" were planning an offensive involving "shutting down a city's electricity."

Y2K has come and gone and the hackers failed to appear. But doomsday scenarios aside, computer networks, both private and civil, are vulnerable to some degree of incursion. Information warfare can be broken down into three activities: intrusion, disruption and secret communication. The most serious scenario facing any computer network is intrusion: fraudulent entry into a private network. Intrusion is the most difficult to accomplish of all three forms of electronic assault. Contrary to popular belief, a system can only be hacked along pre-existing paths of entry and consequently hackers spend much of their time trying to be mistaken for someone else. One option is simply to call a naïve systems administrator and claim to have forgotten one's password. Although relatively little effort is required to repel most intrusions, many network administrators fail to monitor accounts or change default passwords on new computers, and so a hacker's persistence is occasionally rewarded.

Once a network has been breached, an intruder is awarded specific access to computers within it. Since infrastructures are usually made up of many interconnected networks, getting into one part of the system does not necessarily provide access to other areas. A hacker who compromises the accounts of an electric plant will not automatically be able to shut down the turbines. Not all networks are interconnected: many organisations, particularly government agencies, have an unclassified public network which is accessible from the internet and a classified network which is not. If these two networks aren't connected, there is no way a hacker can move from one system to another. As a result, most hackers of government networks content themselves with defacing webpages, in one instance getting the Pentagon's website to play the X-Files theme song. It is true that the Defence Department has an interest in stressing its invulnerability, but it claims that there has not been a single intrusion into its classified networks beyond a sighting of the ILOVEYOU virus in May 2000, which affected 1 per cent of one internal e-mail system.

The Melissa virus of 1999 was credited with causing millions of dollars in damage worldwide (due primarily to company downtime, not lost data). But by paying attention to known vulnerabilities, giving training (too few employees are warned about the dangers of unsolicited e-mail attachments) and updating anti-virus software regularly, most infections could theoretically be prevented.

The second form of hacking is disruption, usually in the form of "denial of service" attacks. Computers can only handle a certain amount of stimulus before reaching saturation point. Hackers can bombard web servers and e-mail accounts with so much information that the recipient systems shut down. Yahoo, eBay and Amazon were temporarily brought down in February 2000 using this method. While preventing these attacks can be difficult, it's worth noting again that many classified networks are either unavailable to remote users or have enough security to discourage saboteurs.

The third category of information warfare, secret communication, isn't really a form of assault at all. While sophisticated electronic monitoring systems like Echelon and the FBI's new Carnivore system allow law enforcement an unprecedented glimpse of private communications, the power of low-end encryption (simple word substitution) and high-end encryption (public key cryptography) ensures that anyone who needs to send a private message quickly can do so with virtual impunity. Al Qaeda, Hizbollah and Hamas have all been cited by the CIA as potential users of encryption technology. But there appears to be little law enforcement can do to inhibit it, much as the US can do little to deter the export of sophisticated computer parts to pariah nations like Iraq and North Korea.

So are we, as Winn Schwartau insists, balancing on a "knife-edged electronic precipice"? This is, one suspects, merely the aggrandisement of an electronic straw man for no other purpose than to rationalise its costly destruction. Strengthened by post-11th September wartime rhetoric, the cult of information warfare seems assured of continued patronage from the civil servants and doomsday entrepreneurs whose careers depend on its continuing but nebulous existence at the fringes of science and paranoia.