Wars of the future... today

For the past three generations of Americans, going to war meant images of Robert E. Lee on horseback, front page stories of a sharpshooting Sergeant York, newsreel footage of Marines storming Guadalcanal, Walter Cronkite interviewing American GIs in Vietnam, or CNN's live coverage of military operations during the Gulf War.

But the wars of the future may not be so hands-on. Or so visible. Instead, they may be fought by "cyber-knights," young men and women who sit at rows of computers at secret locations in the United States and can launch a barrage of cruise missiles from an unmanned naval vessel in the Mediterranean, or release an Internet virus that will overload the power grid in Pyongyang, North Korea.

There will be no news coverage of battlefields, because there may not be battlefields as we now know them. These wars may be more damaging, but they will mean fewer casualties and quicker victories.

There is another side to this cyber-scenario, however.

As the US moves toward using information warfare, so do its opponents. In fact, many say that the more the US uses cyber-technology as a weapon, the more it exposes itself to cyber-attack by foreign governments, freelance hacker/terrorists and clever cyber-criminals.

In terms of conventional weaponry, the US dominates the global battlefield. With Russia reeling from economic and political catastrophes and China years behind in firepower (although recent events have shown that time window is much shorter than originally thought), there are no legitimate contenders for the US title of world superpower.

It's no wonder then that many foreign government and terrorist organizations view the Internet and other computer network systems as a way to balance the odds quickly and cheaply.

Yet there may be no choice but to move forward, as information technology becomes more and more important to the way the US, and the world, does business, relaxes, and defends itself.

Normally, forewarned is forearmed. In cyberspace, that isn't always the case.

Take the NATO bombing of the Chinese embassy in Belgrade several weeks ago. Rage spread across China and hackers from the mainland attacked the Web sites of the US Departments of Energy and the Interior, and the National Park Service. A subsequent attack brought down the White House Web site for three days. The attacks generated headlines across the country.

What the news media didn't report was that the US government had known for a long time that someone had been in its computer systems - they just didn't know who. Then, in a fit of anger, the Chinese hackers caused some real damage - and gave away the hidden "location" of several "backdoors" they had built in US government networks. (See story at right for explanation of "backdoors.")

Now that this threat is known, most people might think it can be prevented from happening again. Not quite.

It's the foreign hackers who didn't lose their cool, say computer security experts, that everyone needs to worry about. These are the people who, at a time of conflict, will use still-undetected backdoors to gain entrance to government and military computers and corrupt or falsify strategic information.

Warfare at the speed of thought

"There is a hidden war going on at this very moment to penetrate corporation and government sites," says Ed Roche of The Concours Group, an international firm that studies Internet security issues.

Many computer security professionals and academics, such as Dr. Roche, say we are entering a new age of conflict, one that will be fought over networked computer systems like the Internet. And the ways we engage in these conflicts will affect more than soldiers on the battlefield. This new form of conflict could dramatically disrupt daily life in the US - power grids, phone systems, commuter trains, airplane guidance systems, to name a few.

The US Government Accounting Office estimates 120 groups or countries have or are developing information-warfare systems. According to a report issued by the Center for Strategic and International Studies, 23 nations have cyber-targeted the US.

The National Computer Security Center reported last year that of "520 large US corporations, government agencies, and universities that responded [to their survey], 64 percent reported intrusions, up 16 percent in a year. The Internet was the main point of attack."

And while more attention is being paid to developing adequate security for government networks, private commercial networks may prove to be the roads through which an information-warfare attack is launched on the US.

Anybody can get you anywhere

One reason for the problem is the speed at which the Internet has grown, Roche says. This rapid growth (which includes the rush to create e-commerce options for commercial Web sites and the movement toward just-in-time production that allows outside vendors access to a company's main computer network) has created holes faster than government and industry can close them. These holes can then be exploited by terrorists or foreign governments.

If, instead of attacking military systems and databases, an enemy attacked unprotected civilian infrastructure, the economic results would be disastrous, warned the 1994 Joint Security Commission's Report on Redefining Security. More than 95 percent of defense and intelligence community voice and data traffic uses the public telephone systems.

Attacks are already under way against both government and private computer networks in the US:

*The US defense department acknowledges that its computer systems are attacked 60 to 80 times a day. Most security experts say that the real number of attacks is higher.

*In January, a coordinated computer attack targeted the US Air Intelligence Agency. The attack appeared to come from Russia, although Russia may only have been used as a "screen" for the real location of the attackers.

*A private computer security firm hired by the US government found that a foreign nation had attempted to use computers to change the composition of tensile steel in an American steel-manufacturing plant. The aim was to cause the steel to crack when side stresses were placed on it during freezing conditions.

*A baby-food manufacturer discovered by accident that one of the standard components in its infant food had been increased 400 fold - to toxic levels. The manufacturer was unable to find out who broke into its system because the attack came through a vendor integrated into the company's network.

Also 1997's Operation Eligible Receiver demonstrated the potential vulnerability of the US government's information systems. The National Security Agency hired 35 hackers to launch simulated attacks on the national information structure. The hackers obtained "root access" - the highest level of control - in 36 of the government's 40,000 networks.

If the exercise had been real, the attackers would have been able to create power outages across Los Angeles, Chicago, Washington, and New York. They could have disrupted the Department of Defense's communication systems (taking out most of the Pacific Command) and gained access to computer systems aboard US Navy vessels.

It was a disturbing exercise. So much so, that several top White House officials have spoken of the possibility of an "electronic Pearl Harbor" attack on the US mainland. Added to these vulnerabilities is the fact that most Americans have no sense of how information warfare will affect them.

"When you think of cyber-warfare in terms of conflict, you have to broaden the context," says James Adams, head of Infrastructure Defense and author of 12 books on espionage and terrorism.

"In the past, we saw conflict as a range of things that happened terrestrially - terrorism on one end and global nuclear war on the other. That meant soldiers at the high end of conflict and civilians at the lower end.

"But in cyberspace," Mr. Adams says, "the front line has changed. All of us are now a part of the front line. The arena of conflict has widened, and it's not just those who are wired who are vulnerable. If a foreign government or a terrorist group takes out the New York power grid, it will affect those without computers as much as it will affect those with them."

If we want to see how much cyber-warfare has become a part of a country's arsenal, we need only look at the conflict in Kosovo, according to Adams. Serbia is a technology "have-not," while China is a technology "have." Yet both countries used the Internet to launch attacks on the US and NATO information structures.

"There are at least six nations right now who have active groups, paid by their governments, trying to formulate tools and procedures to cause computer terrorism in US corporations," says Jay Valentine, head of Infoglide, a database analysis company that works extensively with the US government.

"Those countries are Syria, Iran, China, India, Pakistan and Israel. [Other experts add France and Russia to this group.] Not all of them are bad guys, "Mr. Valentine says. "Some are doing it for defensive reasons, but they all have backdoors into American government computers. We have detected several 'software tools' which are used to erase 'computer fingerprints.' "

Not everyone, however, thinks the current situation is so bleak. "Everyone likes to talk about the 'electronic Pearl Harbor' or the 'electronic Waterloo' scenarios," says Wallace Theiss, a specialist in conflict and security issues. "For the time being I would be much more worried about governments and terrorists with bombs than with computers."

Meanwhile, the US government is taking information warfare seriously. President Clinton recently announced a $1.46 billion program to improve US government computer security, including the creation of special "Cyber Cop" units to work with both government and industry.

Senate Republicans want to give Dartmouth College enough money to create two laboratories to research ways to counter terrorists armed for biological or cyber-warfare. The FBI has created a special unit to deal with acts of computer sabotage and crime committed within the US. And the US has been actively using information-warfare weapons since the early 1990s, primarily as backup for battlefield operations but also to prepare for future wars that may be fought online.

"It is a very serious problem," says Adams. "And it's getting more serious day by day. The structures that we have held constant for many years are disappearing and we need to look at things with new eyes. After all, your defenses are only as good as the single event that takes you down."

*Next week, Part 2 looks at how terrorists are using technology for better communication and planning, as well as a new weapon.