When Point and Shoot Becomes Point and Click

[William Knowles <wk () C4I ORG>]

http://www.nytimes.com/2000/11/12/weekinreview/12SCHW.html

By JOHN SCHWARTZ
November 12, 2000

The online world has entered a new phase. At first it was a
combination playground, library and meeting house for scientists and
soldiers, an inviolate virtual world. Companies later tried to turn it
into a mall. Now, it's becoming a borderless battlefield.

In recent weeks, the Middle East conflict spilled over into the
Internet as Web sites throughout the region have been altered with
messages advocating online attacks against other sites, both Israeli
and pro- Palestinian in some cases providing the software that make
such attacks possible.

This isn't the first conflict to see hacker activity; similar
incidents have occurred in the Balkans, Russia, Mexico and China.
"It's become almost standard practice in any political conflict to see
that occur," said Eugene Spafford, a computer security expert who runs
the Center for Education and Research in Information Assurance and
Security at Purdue University

And like the Internet itself, this cyber warfare simply ignores
national boundaries. Many attacks on Israeli sites have originated in
Pakistan, as did an attack earlier this month against the Web site for
the American Israel Public Affairs Committee, a lobbying group. The
site was defaced with anti-Israeli commentary. But this exploit took
cyberwar a step further: the attacker stole some 3,500 e-mail
addresses and 700 credit card numbers, sent anti- Israeli diatribes to
the addresses and published the credit card data on the Internet.

In an e-mail interview, the Pakistani hacker who took credit for the
attack, who uses the online name Doctor Nuker, said he founded the
Pakistani Hackerz Club with a friend, "Mr. Sweet," "to hack for the
injustice going around the globe, especially with Muslims."

He said he published the private information about some of the
lobbying group's contributors because "they are the supporters of
Israel too."

Michael Salberg, a New York lawyer whose personal information hit the
Web as part of the attack, said he was shaken by the ability of
participants in a faraway conflict to affect him personally. Mr.
Salberg said he found it chillingly ironic that he found out about the
incident while attending the annual meeting of the National Commission
of the Anti-Defamation League, the policymaking and governing body of
an organization that opposes the use of hateful speech in the real and
virtual worlds.

Some call this infowar: the use of high technology and, particularly,
the Internet to mount attacks. But much of the recent activity falls
under a new buzzword: "hacktivism," a portmanteau term drawn from
"hacker" and "activism."

Online pundits have long predicted hacktivism would be a force, but it
was not widespread until recently, said B. K. DeLong, who works with
attrition.org, a nonprofit site that monitors hacking activity.

Citing Election Day attacks on Web sites of the Republican and
Democratic parties in the United States, as well as the attack on the
lobbying group, Mr. DeLong said, "This is the most hacktivism we've
seen in months."

And while most defacements simply contain semiliterate bragging, the
hacktivists aim for a more intellectual effect. The Republicans' site
was altered to begin, "As my dear friend Thomas Paine once said, these
*are* the times that try men's souls." (The asterisks, a computerese
way to add emphasis, were supplied by the hackers and not the
Revolutionary-era champion of liberty.)

Trying times, indeed. What would Tom Paine say about this? The Supreme
Court has declared the Internet the most perfect example the world has
yet produced of the marketplace of ideas that the founders envisioned.
Yet the founders abhorred those who would shout others down in
argument, as the hacktivists do.

Recent sites attacked in the Israeli-Palestinian conflict include the
Partners in Torah site for Jewish information and the All-Kosher Index
of the United Kashrut Authority sites far removed from the conflict
and used by people searching for information. By blocking such sites,
are cyberwarriors engaging in the equivalent of bombing libraries?

That's a minor consideration for Michael O'Hanlon, a senior fellow at
the Brookings Institution, who said that today's hacktivism could help
military organizations prepare for the worst. "People do you the favor
of attacking you so often that you have a chance to build up
protection," he said. "Had Israel overlooked the weaknesses still
inherent in the Internet and had critical military networks depend on
the network, it was leaving itself vulnerable. It's a great way to
figure out where your weaknesses are."

Amitai Etzioni, a professor of sociology at George Washington
University, sees even more good news in the cyberattacks. Perhaps
wishfully, he says they move people from the battlefield and into the
virtual world, from war, with its real bullets and blood, to pretend
war, with its computer game casualties.

"If all wars could be so converted," he theorized, "it would be
wonderful." Ultimately, Professor Etzioni said, today's attacks are
"cybergrafitti." "It may be annoying," he said, "but it's harmless."

So far.

David J. Farber, an Internet pioneer who serves on the board of the
Electronic Frontier Foundation, an online civil liberties group, says
that as dependency on the Internet increases, cyberwarriors will do
real damage. Businesses will collapse if customers can't reach them
online, power grids might be brought down with a mouse click.

At some point somebody's going to get the brilliant idea, `Why bomb
them? Why not cyberbomb them?' " Mr. Farber said.

He sees a day when disinformation experts will plant false rumors
online the wartime equivalent of the PairGain scam, in which a stock
speculator created a sham financial news item on a Web page that
looked like part of a news service's site. "There are going to be a
lot of interesting experiments done in this kind of psychological
warfare," he said.

If war is hell, cyberwar could turn out to be cyberhell. And we're
only beginning to discover what that means.


[Defaced American Israel Public Affairs Committee site]
http://www.attrition.org/mirror/attrition/2000/11/02/www.aipac.org/


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".