DOD Preps For Y2K-Related Cyberattacks--Pentagon Plans To Beef Up Intelligence And Creates A Year 2000 Alert Scale (Federal Computer Week)


*Sigh*

3-Day storm potential? Right.

Diane

SEPTEMBER 27, 1999

DOD preps for Y2K-related cyberattacks

Pentagon plans to beef up intelligence and creates a Year 2000 alert scale

BY DANIEL VERTON (dan_verton@fcw.com)

http://www.fcw.com/pubs/fcw/1999/0927/fcw-newsy2k-09-27-99.html

[Fair Use: For Educational/Research Purposes Only]

Fearing that Year 2000 computer failures could provide cyberterrorists or hackers an open door to critical computer systems, the Defense Department has begun to boost intelligence operations and has put technologists on alert to better defend the nation's crucial networks.

DOD and intelligence officials are concerned that rogue nations or foreign intelligence agents may use Year 2000 failures as a smokescreen to take down or steal electronic information from sensitive DOD networks.

[Thought they were Y2K-OK?]

Officials also are concerned that the lack of Year 2000 status information on ports, airfields and telecommunications facilities worldwide may hinder plans to document military strategies for high-risk areas of the world, such as North Korea and Iraq.

A report released last week bolstered DOD's concerns. Sen. Robert Bennett (R-Utah), chairman of the Special Committee on the Year 2000 Technology Problem, released a report that warned the public that potential Year 2000 problems could give cyberterrorists access to government systems.

Sandia National Laboratories officials told the committee that "terrorists, hackers and other criminals might use Y2K-induced infrastructure failures as cover for theft, arson, bombings, etc."

To track the threat of terrorists using Year 2000 snafus to attack computers, the Pentagon has established five graduated Year 2000 alert levels that DOD will use to warn units of imminent Year 2000-related threats (see chart). The five readiness posture levels are intended to be "the minimum requirement" for all DOD organizations, according to an official Pentagon message sent this month to units throughout DOD.

DOD Y2K Posture Levels

Level One
Highest state of Year 2000 vulnerability. Widespread failures and deliberate information operations attacks probable. Augmented emergency watch teams and strict communications restrictions may be imposed.

Level Two
Localized disruptions probable. Technical support personnel may be placed on standby. DOD-wide communications restrictions may be imposed.

Level Three
Localized disruptions from Y2K-induced failures possible. Technical staffs will be augmented. Normal communications procedures will be followed.

Level Four
Disruptions unlikely. Normal staffing will be maintained.

Level Five
No Year 2000 vulnerability. No restrictions necessary.

Under the highest state of Year 2000 vulnerability -- Y2K Posture Level One -- DOD units are advised to prepare for "deliberate information operations attacks and opportunistic engagements by hostile forces."

Defense Secretary William Cohen is expected to issue the first Year 2000 posture statement after Sept. 30, according to the message.

Meanwhile, DOD's Central, European and Pacific commands have expressed concern about the lack of Year 2000-related intelligence information on key commercial ports, airfields and telecommunications facilities worldwide that the Pentagon may need to use during crises. According to a DOD message sent last month, DOD's Transportation Command, the principal agency responsible for transporting DOD personnel, supplies and equipment around the world, has identified 98 installations in 32 countries as "key to the execution" of responding to any Year 2000 crises.

"[The Central Command] needs help with commercial ports [and] airfields for which little information is readily available," the message stated. "Saudi Arabia and Kuwait are key countries," and power, water and communications systems are the main problem areas, according to the message. The message outlined similar challenges being faced by other regional commands, including U.S. forces in South Korea, and alluded to the need to expand the Pentagon's host nation telecommunications studies.

The lack of substantive information and the potential for hackers and foreign intelligence agents to exploit gaps in DOD's Year 2000 preparedness have compelled intelligence and security officials to take part in joint planning sessions.

The Joint Task Force for Computer Network Defense (JTF-CND), which organizes the defense of DOD computer networks and systems, and the FBI's National Infrastructure Protection Center, which leads the federal response to cyberattacks, are sponsoring a conference Oct. 4 and 5 called "Preparing for the Cyber War." The program will offer a classified look at intelligence, law enforcement and counterintelligence issues, as well as JTF-CND's Year 2000 operations plan.

The Information Warfare Support office in the Defense Intelligence Agency (DIA) plans to host a top-secret briefing Oct. 7 to determine how the intelligence community plans to collect and share information on malicious network activity that may take place during the Year 2000 date change.

DIA is billing the conference as "an analytic exchange" focusing on computer network attacks and computer network exploitation associated with Year 2000.

"There are no real usable charts when it comes to the new terrain of cyberspace," said Navy Cmdr. Robert Gourley, chief of the intelligence division at the JTF-CND, during the agency's recent ribbon-cutting ceremony. The presence of online terrorists and espionage agents "has given rise to the need for an on-scene intelligence capability," he said.

Steven Aftergood, an intelligence specialist working for the Project on Government Secrecy at the Federation of American Scientists, said there is no way of knowing what steps are being taken to prepare from an intelligence perspective, but "it must include intelligence collection on known and suspected cyberthreats as well as defensive measures to reduce vulnerability of vital systems and to increase redundancy" of systems.

Allen Thomson, a former CIA analyst, said the likely threat from Year 2000 is the potential disruption of logistic trains that depend on companies and countries that have not taken proper precautions. "I'd hope U.S. forces have enough beans and bullets to last a couple of weeks if the suppliers and intermediate transportation links couldn't function for a while," Thomson said.



-- Diane J. Squire (sacredspaces@yahoo.com), September 27, 1999

Answers

SEPTEMBER 27, 1999
Intercepts
BY BOB BREWIN (antenna@fcw.com)

http://www.fcw.com/pubs/fcw/1999/0927/fcw-b&fintercepts-09-27-9.html

[Fair Use: For Educational/Research Purposes Only]

RAISING THE CYBERWAR ANTE. Deputy Secretary of Defense John Hamre has repeatedly forecast that DOD and the United States' critical infrastructure will sooner or later face "an electronic Pearl Harbor" unless the nation can figure out a better way to protect its information systems against unabated and increasingly sophisticated cyberattacks.

This month, Marv Langston, the Pentagon's deputy chief information officer, advanced that analogy. "Information warfare is today's equivalent of [the threat of] nuclear war" during the Cold War era, Langston told a group attending a breakfast at the Capitol Hill Club.

Langston said information warfare attacks pose "a serious threat to the U.S.," not only to DOD but also to the nascent World Wide Web- based electronic-commerce industry, which he described as working with a "fragile security structure." The true potential of e-commerce, he added, "will not happen without a strong security infrastructure."

That's why the Interceptor prefers cash -- except when purchasing airline tickets, where e-commerce is the way to go. Humorless airport security types view a frugal person making a ticket purchase in cash as tantamount to being a security threat.

[snip]

-- Diane J. Squire (sacredspaces@yahoo.com), September 27, 1999.


See also... all in today's issue...

Curious, eh?

SEPTEMBER 27, 1999
Kosovo ushered in cyberwar
BY BOB BREWIN (antenna@fcw.com)

http://www.fcw.com/pubs/fcw/1999/0927/fcw-newscyberwar-09-27-99.html

SEPTEMBER 27, 1999
Russia hacking stories refuted
DOD sources say U.S. military secrets were not compromised
BY DANIEL VERTON (dan_verton@fcw.com)

http://www.fcw.com/pubs/fcw/1999/0927/fcw-agrussia-09-27-99.html

SEPTEMBER 27, 1999
Clinton seeks $39M for security
(White House seeks $39 million more for IT security)
BY DIANE FRANK (diane_frank@fcw.com)

http://www.fcw.com/pubs/fcw/1999/0927/fcw-newsclinton-09-27-99.html



-- Diane J. Squire (sacredspaces@yahoo.com), September 27, 1999.


I'll go on record here and say that much (if not all) of the news concerning cyber threats and electronic terrorism is by and large a bunch of misinformation and diversion.

I'll state what I can and whether you choose to believe me or not is up to you, but do your own research, nonetheless.

1. I've worked on both sides of the fence in the Information Warfare category. I've done Tiger Team attacks on US interests under the direction of one or more of the alphabet agencies. I work now to protect some of the same interests from attack.

2. The crackers that get the publicity are, by and large, what we call 'script kiddies' that are testing out their new toys. It used to be a requirement to have a modicum of knowledge of computer internals to be able to crack a system. Such is not the case anymore as anyone can search, DL and run any one of several programs that will do the majority of the work for them. See http://packetstorm.securify.com for some examples.

3. With apologies to some of my friends in the Gov't sector, the US Gov't does NOT hire the best available people. They are limited by the EEOC, quotas and political correctness. They look for people that will fit into the 'structure' and not make waves, but will do what they are told. It's much easier to make money in the private sector than with the gov't. You knew these people in high school... they were the ones that made straight "C" (or below) averages and are promoted based on the level of their incompetence, their sex, skin color, sexual orientation and political beliefs.

4. The Gov't is notoriously behind the technology curve in most infrastructure industries (NSA and CIA notwithstanding). They take a band-aid approach to nearly everything, and bureaucracy and mismanagement soak up the majority of money that is funded to improve computing facilities.

The "we've fixed our computers, but we have to be aware of cyber attacks" is a bunch of crap. The great crackers (of which I know quite a few) will never be caught due to paranoia, lateral thinking (which no gov't bureaucrat seems to be capable of), and covering their tracks.

Again, do your own research. Do not take what I say as gospel until you verify it for yourself. It certainly won't be easy, but if you ask the right people the right questions, you'll find out what I am saying is on the mark.

-- Can't say now (still-cl@ssified.govt), September 28, 1999.


So... Can't say now (still-cl@ssified.govt),

Why do you think there's such an emphasis on the cyber-terrorist issue... this year... at this time... with less than 100 days to go?

More "set-ups" for diversionary dot gov and dot mil finger-pointing after the 2000 roll?

Would you say the government/military Y2K readiness/remediations are "worse" than what we think? Better? Or Marginal... at best?

Thanks,

Diane

-- Diane J. Squire (sacredspaces@yahoo.com), September 28, 1999.


Diane,

It provides a very convenient excuse *if* something happens. Possibly, it leads to one or more of the following:

1. Scapegoat - "We had our computers ALL fixed (despite all evidence to the contrary), but those no-good cyber-terrorists penetrated our defenses and (took them down, gave us virii, inserted a worm - pick one) and that has left us in this predicament." There are definite ways to disprove all of this, but don't suspect that you will ever hear about it.

2. Justification for WJC to stay in office - The rhetoric is good. "My fellow Americans, we've fixed our computers, but cyber-terrorists have succeeded in penetrating our defenses and are causing all of the problems you are seeing. We need to set aside partisan politics and get this fixed and to that end I vow to stay in office until such time as we get all of this straightened out." Kind of scary, huh?

3. Justification for martial law - harkens to the Japanese-Americans that were rounded up in WW2. Also see the Alien and Sedition Acts. It's interesting that the new EO on Federalism was once again brought to light recently.

4. Class warfare - rich/poor, left wing/right wing, black/white, technogeeks/luddite, whatever, it all boils down to divide and conquer.

My personal thoughts are interruptions in the 7-8 range on a 10 scale. I think that anyone who believes what the gov't has to say about Y2K is fooling themselves either because they are not capable of facing it or they are not capable of reason and rational thought.

Gov't/.mil readiness is marginal, at best. Computer talent is even less than marginal. I've met people that have worked in the gov't sector for 15+ years in the computer field that I wouldn't give a front line help desk position to. Obvious exceptions do exist, the Air Force and NSA, for example.

However, they do have an "unlimited" budget as they would be the enforcement arm should things get bad. The role of the military is to break things and kill people. Whether my friends there would obey an unlawful command, I cannot pretend to answer, but I suspect that if it came down to them or you, guess who it would be?

-- Can't say now (still-cl@ssified.govt), September 28, 1999.



I agree, they have been setting this scenario up for at least the last three or four months. You watch for more articles like this:

Hacker Threatens To Leave Country In The Dark
8:09 a.m. ET (1215 GMT) September 28, 1999

BRUSSELS -- A computer hacker has threatened to break into the computers of Belgian electricity generator Electrabel Wednesday afternoon and halt the power supply to the entire country.

"Tomorrow I will leave Belgium without power, and that is not so difficult," the anonymous hacker told the Belgian newspaper Het Laatste Nieuws.

"Wednesday I will get into Electrabel's computers between 1:30 and 3:30 in the afternoon and shut down all the electricity," the hacker said.

Electrabel, which has a virtual monopoly on Belgium's electricity market, said it was taking the threat seriously but felt that the hacker had little chance of succeeding.

"There is very little chance that Belgium could be without power," Electrabel spokesman Phillipe Massart told RTBF television. "Nonetheless, the risk that someone could access the system always exists."

Massart said the systems that pilot Electrabel's power distribution were developed specifically for the company and have protected connections. He said the company was taking measures to ensure its security.


-- Homer Beanfang (Bats@bellfry.com), September 28, 1999.


Homer, I think that this, truly, will be a non-event. I'll be watching the news since Belgium is several hours ahead of us.

-- Can't say now (still-cl@ssified.govt), September 29, 1999.

Did anything happen with the power in Belgium?

-- Jay (havocuz@mindspring.com), September 29, 1999.

Can't say:

Sir (or Ma'am), do you assume that power is more vulnerable than has been stated?

Some days it seems that FOF has been privately agreed to be an acceptable approach in regard to electricity. (As long as disruptions are guaranteed to be ~72 hours or less, of course.)

-- lisa (lisa@work.now), September 29, 1999.

