Information Warfare: June 3, 2005

The Central Intelligence Agency is running a large cyberwar wargame, to try and get an idea of how vulnerable the United States, and everyone else in the world, is to attacks over the Internet. Called "Silent Horizon," the exercise is meant to see how government and industry cyberwarriors could react to Internet based attacks. Because of the industry involvement, the exercise received some publicity. 

Nuclear weapons have kept the major nations from going to war with each other for the past half century. That will probably continue. But cyberwar provides an opportunity to fight an anonymous war against another nation. This sort of "anonymous attack" has been done in the past, largely by quietly supporting opposition or terrorist groups in enemy nations. This is still going on. The key is hiding your tracks. Get a nuclear armed country mad enough, and they will toss a nuke your way.

It is thought that the highly damaging Code Red virus of 2001 came from China. The origin of the virus was traced back to China, but China denied any responsibility. Code Red did much less damage in China, because there the operating system of choice is Linux, while Code Red only attacked PCs using Microsoft software. This makes it easier for a nation like China to launch cyber attacks on the United States without fear of the weapons coming back to hurt China's growing Internet infrastructure. There have been other attacks that were traced back to places like Russia and Iran. So the capability is there, only the covering your tracks angle needs work.

China, unlike other nations hostile to America (North Korea, Iran), has a large and growing Internet presence. China has thousands of skilled Internet programmers, and has admitted it has put together military units for developing and using cyberweapons. So the next time there are tensions between the United States and China, there might be an outbreak of nasty, and hard to trace, cyberwar attacks on the United States. The only problem China faces with this approach is that if its weapons hit other nations as well, and China were found out, the diplomatic backlash would be damaging. Even if attacks were only made against the United States and were not traced back to China, China would still be the chief suspect. It would be a case of China being the only nation with the motive and means. Of course, China could always slip Iraq, Iran or North Korea a CD full of choice cyber weapons and wait for those nations to take a shot at America. And the Chinese are no doubt aware that America could launch its own anonymous cyber attack on China. You wouldn't be able to hide the effects of such a covert war, nor the scrambling of diplomats to bring the undeclared war to an end. It will happen.

There is also fear that terrorists will try a major attack via the Internet. This has not materialized. Yet. There are a lot of Internet-savvy people in, or sympathetic to, terrorist organizations. Most terrorist groups are known to be enthusiastic users of the Internet. Osama bin Laden and al Qaeda have long made use of the Internet (and said so publicly before September 11, 2001). The lack of terrorist attacks via the Internet is actually indicative of the amount of skilled manpower you need to create and execute an original attack. Remember, once a new virus is created and released, or a newly found vulnerability in network software is exploited, high-profile sites (the ones most attractive to terrorists) are usually the first to adjust their defenses. Pulling off a damaging cyberwar attack requires talent and technology. Without doubt, a terrorist organization will eventually manage to put together such a group and something grim may happen. Will it be sooner rather than later? Note that in late 2001, there was a noticeable increase in scanning and probing of U.S. and European power plants from locations in the Middle East. Someone's apparently trying to get into a nuclear power plant and cyberblitz it.

The current terrorist threat is from Islamic and Arab countries, which tend to have the least developed Internet resources (in terms of Internet use and Internet experts.) But if the terrorists have money, there are any number of criminal gangs who will deal with anyone. There's also the possibility that an espionage effort might obtain some of the military grade computer weapons (especially viruses and other cyberweapons.) At the end of the Cold War, both Russia and the United States were surprised at the number of traitors there were on both sides who did it for money. 

The CIA exercise is taking the cyberterrorism angle one step further to include NGOs (Non-Governmental Organizations). We're not talking about the Red Cross, but anti-globalization organizations, and other outfits where orphaned leftists and anarchists have found a new home. The exercise is also meant to get a better view of the doomsday predictions some Internet experts have been making for years. The apocalypse is always just around the corner, and the CIA would like a peek at what is actually around that corner.

Another problem the CIA wants to address is who would actually deal with a major cyberwar attack. In theory, the government is in charge, but in practice, the defenses are controlled by a number of civilian telecommunications firms, aided by an irregular militia of civilian Internet experts. The government wants a better idea of how all this works, so they can take charge without screwing things up.