Information Warfare: January 18, 2002

Archives

Cyberwar takes a number of forms. Here are some of the principal targets known to be vulnerable to attacks over the internet or other networks.

- Electrical systems are shut down, momentarily or for days. While there is no standardization in the electrical generation or distributions system, it is common to control systems remotely via the net or a telephone connection. Security also varies, but an ambitious hacker could penetrate several systems, figure out how they worked, and do considerable damage. The military usefulness of this is obvious. U.S. military hackers are thought to see this particular kind of attack as very useful, at least in nations advanced enough to have remote access in their electric power industry.

- Criminal groups draining bank accounts. This is something that is an ongoing problem. But a highly organized and massive attack of this type could make a terrorist organization even more formidable. Rogue states like North Korea and Iraq have long used illegal scams to provide cash flow for their dictators. Kim Sung Il, the dictator of North Korea is known to be a PC enthusiast, so an attack of this sort may already be in the work from North Korea. Or attacks may have already been made, for the ideal hack of this sort would involve draining accounts in such a way that it looked like an internal flaw in the banks computer system. One military use of such access would be to cause enough disruption (by destroying or altering records) to cripple banks, and the banking system. This could disrupt segments of the economy that have the most military impact. Or you could just try to disrupt as many major segments of the economy as possible and inflict a lower capability on the entire nation.

- Some lower tech nations, like Iraq or North Korea, might find it advantageous to bring down the entire internet. Since the larger nations (like the United States ) are much more dependent on the net, this would be an overall advantage to a nation like Iraq or North Korea (or even China.)

- Assassination via tampering with hospital records. Most state of the art hospitals now have computerized systems that keep track of what drugs are to be administered to patients, when and in what quantities. These records also record what the patient is allergic to. You can figure this one out yourself. While a really big shot would have medical personnel manually double checking medication and such, you could still knock off a lot of mid level people (military, espionage or diplomatic types, or just someone who was getting in your way.) Again, the ideal way to do it is subtly, so the fact that it was a cyberattack was not revealed. That way, you can do it again. Maybe someone's already doing it that way.

- The military uses a lot of computers to take care of mundane tasks like logistics, transportation, assignments, training schedules and so on. These computers do not get the industrial strength security (which is expensive and requires more specialized people to maintain) that more important stuff (war plans, communications with combat units, nuclear weapons, research and so on). Thus it's easier to get into these systems and enough damage can be done to have an impact on military operations. This can be done two ways. At the beginning of a war or military operation in a massive way to disrupt enemy operations as much as possible. The other approach is to do as much undetected mayhem as you can get away with.

- Another target that can hurt military operations would be the mass deletion of government records. This would make government operations more difficult, and in wartime, the government provides many vital operations for the military. In particular, the government hires contractors, and makes deals to arrange transportation and housing for troops. If you can disrupt things like government payrolls or contracts, you make that government's troops much less effective.

- Another target is police departments and intelligence agencies. The intel outfits usually have high grade security on their main headquarters. But there are lots of "branch offices" that have lowered security. Intelligence agencies often work with local police departments, and the electronic records here are even easier to get at. This sort of thing is also of great interest to criminal organizations, and some hacking has apparently already taken place in this area. 

- Another area with some military impact, and a lot of benefit for terrorists, is hacking and disrupting the court and prison computer systems. This sort of thing is already of great interest to criminal gangs, who will often sell their access to anyone with enough cash. Playing with the court and prison system computers makes it possible to get your low and mid level people out of jail (and out of the country before they can be rearrested.)

- Immigration and customs computer systems. Cracking these can enable you to get saboteurs and spies into (or out of) the enemy country more easily. Mucking about with customs service computers lets you smuggle things in (bombs) and out (stolen technology) of the country.

- Air defense systems have long been tied together by computers. The U.S. did it first in the 1950s (leading to the design and manufacture of the first modems.) Hacking these systems can do all sorts of things, from crashing the system, to just putting false reports on enemy radar screens.

- The air traffic control systems are linked by a network. Ironically, the best defense this system has are the ancient computers that run it. This makes it more difficult (but not impossible) for cyberwarriors or terrorists to get in there and commit some mass murder (or just subtly interfere with air operations so as to hinder the war effort.) Military air traffic control systems are better protected, but still vulnerable.

- Industrial facilities (nuclear and conventional power plants, chemical plants, refineries, or other industrial facilities) are vulnerable to tampering via net connections. This could cause thousands of civilians to be injured or killed, not to mention damage to, or destruction of, the facilities.

 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close