~e; on cyberwar
From: human being <human@electronetwork.org>
Date: Thu, 24 Apr 2003 23:02:11 -0500
A one-hour Frontline documentary on Cyberwar was aired
tonight on public television (PBS) in the US which is set to
air again, and which also has the whole TV show online at:
http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/
It is strange timing, or maybe it is the opposite, for in this
week's upcoming newsletter is the second in a series of
high-level resignations in the US cybersecurity force:
White House security adviser resigns // things must be really bad...
White House cybersecurity adviser Howard Schmidt has resigned his post,
becoming the second top government adviser to leave this year.
<http://news.com.com/2100-1009-997840.html?part=dtx&tag=ntop>
Here are some of the major links to EM content on the site:
---
Vulnerability:
The Power Grid?
full:
http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/vulnerable/grid.html
"In a potential cyber attack on the U.S., there are experts who believe
one of the targets could be the country's electric power grid. By
exploiting vulnerabilities in the control systems utility companies use
to remotely monitor and manage their operations, U.S. cities could be
blacked out for extended periods of time."
Here are excerpts from interviews with Richard Clarke, former White
House adviser on cyberspace security; O. Sami Saydjari of Cyber Defense
Agency; Ron Dick, former FBI security expert; James Lewis of the Center
for Strategic and International Studies; Michael Skroch of Sandia
National Laboratories; John Arquilla of the Naval Postgraduate School;
and John Hamre, former deputy secretary of defense.
---
Vulnerability:
Scada Systems?
http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/vulnerable/scada.html
"Digital control systems, such as SCADA systems, supervise and control
real-world structures like gas pipelines, oil refineries, and power
grids -- and they can be manipulated remotely. That, says experts,
makes them a potential prime target for terrorist groups who could get
inside these systems and inflict physical damage on the nation's
infrastructure. Is the clock ticking on this kind of cyber-based
threat?"
Here are excerpts from interviews with Tom Longstaff of the CERT
Research Center; James Lewis of the Center for Strategic and
International Studies; Joe Weiss of KEMA Consulting; Amit Yoran of
Symantec; Michael Skroch of Sandia National Laboratories; and a hacker
who spoke on condition of anonymity.
---
What was amazing to hear about are these SCADA (black box) systems,
which were said to basically be the link between online worlds and the
potential for offline cyberwar-based effects on Critical
Infrastructures.
There has been contention about the issue of the damage that
cyberwar could bring up in relation to 'physical warfare' of bullets
and death,
and this is used by a sector of the defense establishment to discredit
the threat versus that of the more media friendly and accessible way
of war: blowing things up, and people seeing and relating to it in some
tangible way. Versus the, on the whole, intangible connections between
networks of information and the ability to leverage this as a tool of
war.
That it is severely discounted by those in the US Administration is
beyond troubling, and the high-level resignations, even if it is not a
'digital Pearl Harbor' scenario, are continuing the traits that lead to
surprise attacks in the first place. Entirely foolish, as is industry
if it thinks it will escape liability, so too for software companies,
in the
aftermath of losing an entire state's records in one day, all health
information, all banking transactions, traffic lights do not work, and
people die from loss of critical systems (in hospitals, accidents in
cars and transit, weather and communication/emergency-related).
That SCADA systems run most critical systems, and that a handful
(5-6) of Operating Systems (OS') run on all these systems, alike, is
just plain spooky to consider in relation to the fact that they are now
penetrable, and do open the reservoirs and floodgates, literally. As
well as high-voltage power switching, likely train and airplane and
shipping networks, on and on. That this economic impact is not to
be considered in terms of its social impact, and that _one_ attack
is assumed to be the case, as it seemed in the presentation by
those who are content with insecure systems, is beyond belief.
For instance, SCADA systems are unencrypted. An example was
given of someone sitting outside a powerplant sniffing signals or
sending a command via wireless. Most of this is automated as it
seems to be remotely controlled functions for, say, making changes
from a central station to substations via microwave link. It is likely
anyone could catch a line-of-sight from the top of a building if need
be. Or, that the signal bends or spreads enough over space that it is
possible to be in the approximate line-of-sight to hit the black box
SCADA controls after gaining access, which is compared to being
in the superuser position, over hardware, the gear, big nasty stuff.
How to relate how things are today, in comparison is probably, if
normal consumer life is to be related, quite similar in that there is
no strong encryption and every e-mail can be sniffed for data, and
each computer can easily be overtaken by spam and viruses and also
trojan horses for making attacks, but also data-burglaries in which
information on one's system, passwords, identity-theft details, can
be stolen or used, without any protection whatsoever. The entire
system is insecure, and the encryption used for online banking is
a reminder that if such systems have been hit in the past, it could
be an issue of a billion dollars were to vanish in cyberspace, and
not have that be considered a major problem for the institution and
also the network. A few ideas on what consumers require today:
-- Secure dial-up accounts, no rise in pricing due to liability issues.
-- Secure FTP accounts and chat accounts
-- Secure websites with insurance
-- Secure e-mail via PGP over encrypted networks
Instead what seems to be happening is the opposite of what should
and that is the transparency is put in the wrong place, on consumers,
where the zombie computers are harvested, when if these same
systems were protected they would not be so easily attacked except
by all but the best cyberwarriors. That would cut the datacrime rate
down for the stabilization of e-commerce and online services and
micropayments and such, over time. Instead, all this traffic is in an
unencrypted state, and routers and other devices (ala Clipper Chip)
are made to access data from networked connections, which, it is
important to mention-- can also be accessed by enemies of war,
basically making a tap on internet communications for anyone with
the knowledge to do so, and if the security industry is any indication
of trends, it seems these can be 'hushed' from public knowledge by
security-through-obscurity, while the problem remains, & the threats.
A wealth of information is on the site with links above. There is a
message forum to post comments so the list newsletter info was
sent there, along with comments about the 'nexus' situation between
the SCADA black boxes of the 3D world, and the internetwork. It is
ponderous what could occur given the ubiquity of wireless and
wi-fi networks in the consumer realm, alone. Where thieves may be
using sniffers and magnetic card copiers and color laser printers
rather than crowbars, knives, and guns. Add to this the skills of
well-trained and new-to-the-field (with an unknown approach)
cyberwarriors, led by a general in a concerted multifaceted attack
on a target, however defined, locally or globally, and the idea of
security through obscurity does not seem like such a great move
for regular citizens, or the government. But these days, reason is
of little use, reaction is at its prime as a mover of the world mantle.
With SCADA systems, the Critical Infrastructure (EM power, media,
and large-scaled technological systems) can be compromised. In
using non-secure operating systems, every home computer can
be a loaded gun for an invisible visitor, maybe a friendly letter out
of nowhere, or a spam sent to millions. With electromagnetism in
the everyday this scales down to most everything computational
that is connected in a system with some type of control. It may be
the cyberwar equivalent of the EMP nuclear weapon that can be
detonated miles above in the atmosphere and destroy everything
that is electronic below it, for a large radius. In this case, just to
hit the power grid would do that by itself. Think of stealing economies
and social records in one fell swoop. It sounds possible, probable,
and reasonable given the state of affairs. One rule of warfare that
seems applicable here: do not underestimate your opponent. Yet,
instead, the heads of US national cybersecurity are resigning as
nothing is changing; nothing has happened, until something does.
the electromagnetic internetwork-list
electromagnetism / infrastructure / civilization
archives.openflows.org/electronetwork-l
http://www.electronetwork.org/list/