Friday, July 24, 2009

Information Warfare? [IW]

This is coolbert:

"A criminal act or an act of war? Until 9-11, the U.S. government treated terror as a criminal-type activity to be confronted with a robust law enforcement effort. That approach, however, proved inadequate."

Here an op-ed piece, from a year ago now but still very relevant, by the distinguished retired Colonel Austin Bay:

"In the computer age — and 2008 is definitely in the computer age — the difference between an act of war and crime is often a matter of interpretation as well as degree."

"An electronic attack doesn't leave craters or bleeding human casualties . . . However, the economic costs can be much larger than a classic barrage or bombing campaign"

Colonel Bay is speaking here of information or cyber warfare [IW]! Invasive attacks on computers from a hostile foreign power [or criminal gang] that can can bring a nation to the a standstill. Attacks - - no different - - according to U.S. case law, than a traditional criminal trespass, an intrusion - - no different - - than if a burglar had physically entered your home to rob you. Attacks upon military, governmental, scientific, and commercial computers and networks vital to the defense and prosperity of a nation!

Stealing data and information, slowing down economic activity, denying the use of valuable and absolutely essential computer time and access, etc. All done from a distance, in an insidious, even sinister manner. Even placing of deceptive and misleading data to confuse and flummox the unwary!

Recent REPORTED CASES ABOUND? Just from the last several years we have:

1. "Russia accused of unleashing cyberwar to disable Estonia· Parliament, ministries, banks, media targeted" [Two years ago!]

"Nato experts sent in to strengthen defences"

"A three-week wave of massive cyber-attacks on the small Baltic country of Estonia, the first known incidence of such an assault on a state, is causing alarm across the western alliance, with Nato urgently examining the offensive and its implications."

2. "Coordinated Russia vs Georgia cyber attack in progress" [One year ago!]

"In the wake of the Russian-Georgian conflict . . . speculations around Russian Internet forums have finally materialized into a coordinated cyber attack against Georgia’s Internet infrastructure. The attacks have already managed to compromise several government web sites, with continuing DDoS [Denial of Service] attacks against numerous other Georgian government sites, prompting the government to switch to hosting locations to the U.S"

3. "U.S. officials eye N. Korea in cyberattack" [From just recently, less than a month ago now!]

"WASHINGTON (AP) — U.S. authorities say they are eyeing North Korea as the origin of the cyberattack that overwhelmed government websites in the United States and South Korea. But they warned it will be difficult to quickly identify the attackers."

4. "Wide Cyber Attack Is Linked to China" [Continuing, all-encompassing, all-pervasive!]

"Security researchers said they have discovered software capable of stealing information installed on computers in 103 countries from a network that targeted government agencies."

"The software infected more than 1,200 computers, almost 30% of which were considered high-value targets"

"Among the affected computers were those in embassies belonging to Germany, India, and Thailand, ministries of Iran and Latvia, and a computer network operated by the organization of the Dalai Lama, the exiled Tibetan spiritual leader."

"The researchers . . . they traced the attacks to computers located in China, but didn't say who they thought was behind it."

5. The most recent report use of IW - - against those Iranian dissidents and protesters - - just a few weeks ago now, a rebellion gone-a-fizzle due to Iranian governmental IW directed against those in a state of semi-insurrection!


* Russia, North Korea, China, Iran. All nations hostile to the U.S. They, as it was during the Cold War, are on the offensive and we [U.S.] are on the defensive? The U.S. could respond in kind to cyber-attack if it so desired, but declines to do so. ONLY acts in a defensive manner and then reactive when an attack is detected? The U.S. HAS the capability to go on the offensive but hesitates to do so? The U.S. too is much more susceptible to cyber-attack than those nations less sophisticated and less-reliant upon cyber systems?

* Are these attacks to be defined as a mere criminal matter or an act of war? This cannot be decided by those in authority in Washington [or anywhere else for that matter]? The Obama administration has made the decision that this is a criminal matter?

* Stealing data or IMPAIRING the function of your computer is the same as ordinary criminal trespass! This is U.S. case law. And is international corporate law too?

* This sort of "warfare" is very cheap and relatively easy to do? The culprit nations can quite often be identified [?] with a degree of certainty, but NOT absolutely so.

* This is too an intimidating factor, no less so than weapons of mass destruction? Demonstrations are quite often carried out to scare and frighten. "See what we can do on a limited basis? Imagine what it would be like if we did this big time?!" This is the message in part.

* And as mentioned in the case of the Iranians, you can, using a cyber attack, not only observe and watch your opposition from afar, but have the potentiality to introduce deception - - creating chaos in the process. Deny your opposition the use of their computers and also if possible use their own computers against them at the same time!

Very scary!


No comments: