Interesting People mailing list archives
PROTECTING THE SYSTEM
From: David Farber <farber () central cis upenn edu>
Date: Tue, 9 Nov 1993 03:43:40 -0500
Peter gave me approval to send this around. Jim ----- Forwarded Message Date: 06 Nov 93 17:32 GMT From: D1371 () applelink apple com (Xiphias, Peter Black,PRT) Subject: NLW To: OPFER () radiomail net Jim Here's an Op-Ed piece I just finished for a rag called Washington Technology. Thought you'd like to see it. It's on the premise of Soft Kill. PROTECTING THE SYSTEM At the outset of his story of the gulf war, Crusade, Rick Atkinson tells an interesting tale. A new, highly classified, warhead for the Tomahawk cruise missile is ready to go. It the product of a concerted effort to build non-lethal weapons. Its purpose is remarkably simple. The warhead spools out carbon-fiber wire as it passes over power lines. When it makes contact, the lines short out, and turbines freeze. The lights go out. Noone is immediately hurt, but things come to an utter standstill. Some of America's top policy makers do not want to use the weapon. Not that they doubt that the thing will work. Rather, they fear it will work exceedingly well. They know how vulnerable the US is to a similar attack. They know the US has no adequate defense. In fact, the whole of the American infrastructure - communication, transportation, power, water and computing systems - is largely unguarded against attack. The last twenty years have brought a startling increase in the complexity of the systems which service our society, with a parallel increase in our dependency upon those systems. Aqueducts, oil and gas pipelines, canals, bridges, antennas, coax and fiber optic cables - these are the outward manifestations of critical systems. More invisible, more vulnerable, and far more important are the software driven systems. From GPS dependent weapons to funds transfer, from frequency agile secure communications to air traffic control, from massively data-based military logistics to everyday phone calls; all of these are systems with software underbellies. This stuff is the new geography, and as such dictates a new kind of warfare. Clausewitz, the famous 19th century war theorist, posited two forms of warfare. In one, the intent is to penetrate and take command over someone else's territory. In the other, the point is the obliteration of the enemy. The modern means of obliteration are quite good - so good that noone is likely to use them. The attempt to gain some marginal control over someone else's territory is more likely behaviour, if the US can be kept from interfering. There is now a terrific way to keep the US out of the picture - making war on America's infrastructure. Unlike the weapons of mass terror and destruction - nuclear, chemical and biological - I-war techniques can be rendered in shades of gray. The force of the attack can be dialed in for effect. Two example: A quiet attack: The electronic switching system for telephones outside of Fort Bragg is penetrated by sophisticated hackers. A subroutine is added to the operating system of the switch. All it does is watch a selected set of phones for evidence that the Delta force is being mustered. When the traffic analysis detects the right pattern of phone calls, the bad guys are notified. Cost: minimal. Requirements: several hackers for several months. A noisy attack: Two critical aqueducts, Highways 5, 10 and 15, and several critical power grids serving the Los Angeles area are rendered inoperable by a combination of both software and physical attack. LA suffers the equivalent of a myocardial infarct. Panic ensues, and the US is utterly preoccupied with getting Los Angeles back on its feet. In the meantime, an aggressive gulf state takes control of a critical port near the straits of Hormuz. The US simply doesn't have the bandwidth to deal with it. Cost: $1,000,000. Several special operations people, several hackers for several months. Unlike conventional 20th century techniques of making war, a state of the art attempt to attenuate the US ability to respond to challenges need not require the politically incorrect destruction of human beings, buildings and weapons. It can be as simple as arranging to turn out the lights, cut off the water, and screw up the computers. In the resulting chaos, it's pretty easy to raid the chicken coop. This stuff can and will happen. The Department of Defense has developed a non-lethal warfare initiative, but its emphasis is on offensive tactical battlefield techniques. The bag of tricks includes carbon-fiber warheads, electro-magnetic pulse devices to fry electronic systems, chemicals to turn truck tires to jelly, and viruses to infect computers. Little or nothing is being done, however, to protect American Infrastructure. Some who are aware of the threat shrug their shoulders and assert that the scale of the problem is too great, the funding required impossible. Other than evidencing a failure of nerve, this response indicates a bankruptcy of intellect. The underlying assumption is that defense against infrastructure warfare must be preemptive. One imagines armed guards along aqueducts, sophisticated sensors lining power lines and highways, and vast cadres of people actively monitoring computer networks. But a preemptive defense is the dumb way to do it. The smart way is to prepare to bounce back after the attack - quick. Smart computer folk only suffer the misery of a hard disk crash on their computers once. After that, they back up their data. It has become customary to automatically back up data in the past few years, and the really careful ones cycle their backups offsite. Just to be safe. Five years ago, Robert Morris let loose his attack on Internet. An ad hoc team of computer scientists at Carnagie Mellon was on the case within hours. Within days they had stopped the virus and disseminated the proper recovery techniques to network users. This team formalized into CERT, the Computer Emergency Response Team. They are, in effect, the first digital fire department. In the intervening years, similar teams have reportedly been established at the NSA, CIA, DOD, DOE and Justice Department. The conclusion is this: an agile response by the fire department is just about as good, and much cheaper than a vast cadre of arson guards and a gigantic network of heat sensors. An inexpensive, practical defense depends on several things. First, people must be made aware of the vulnerability and its implications. In pure self-interest, they will begin to think of means of defense. Second, each instance of attack must be publicized. The style and degree of success of the response must be subject to free discussion. In effect, version 1.0 of the response will be modified to a more bug-free version 2.0 of the response. This can only happen if the community as a whole has the ability to think and comment freely. This kind of agility is precisely what makes for great software companies. In this new world where the systems upon which we depend are founded upon software, our strength is founded in our flexibility, and the haste with which we can respond.
Current thread:
- PROTECTING THE SYSTEM David Farber (Nov 09)