Friday, October 15, 2010

Cyber Warfare or Cyber Espionage?...

How much do we depend on electricity?  What if it was lost for 5 weeks in most of the nation?  Can this happen?

The answer is yes.  We could lose our power, causing near catastrophic consequences for the United States and the world.

There are two basic views of cyber warfare.  The first view is that it is true and a real threat.  The second is that cyber warfare is overhyped for the purposes of increasing budgets and giving power to national security agencies, private corporations and the military.  Watch these two videos, which express both opinions.

Richard Clarke's Book Cyber War
This book has been both well received and criticized by some for producing misstatements and spreading rumors.  The first example critiqued is Clarke's citing of a power outage in Brazil as the work of computer hackers getting into the electrical grid infrastructure.  In November 2009, 60 Minutes, when speaking to John Lewis, a former State Department official, stated that the blackout was the work of hackers.  However, a report from the Brazilian authorities that was a year in production stated that they were not aware of any computer sabotage.  President Obama, according to Lewis, was referring to Brazil when he referred to cyber attacks on the United States and "other countries" in a May 2009 speech.

According to an MSNBC report of January 2008, the hackers also demanded extortion payments or threatened to shut off the power.  As Alan Paller, director of the SANS Institute, which deals with cyber crimes, stated, "Hundreds of millions of dollars have been extorted, and possibly more.  It's difficult to know, because they pay to keep it a secret...this kind of extortion is the biggest untold story of the cybercrime industry."

Threat to Infrastructure: SCADA
SCADA (Supervisory Control and Data Acquisition) is a software protocol for controlling industrial systems, such as valves, gauges and other computer systems.  SCADA controls everything from power plants, water filtration, natural gas and oil pipelines to dams and public transit.  One security analyst, Ganesh Devarajan, envisioned a contaminant placed in a water reservoir and the water-quality sensor being tampered with to show no detection.  Here is an example of an experiment, named the Aurora Project, that tested the vulnerability of our electrical infrastructures.

Other blackouts have been blamed on cyber terrorism.  In 2003 the northeastern United States suffered a blackout, which was connected by some to the Chinese People's Liberation Army.  Another blackout in Florida in 2008 was also attributed to the Chinese.  At least this is the opinion of Tim Bennett, a security analyst, who was the head of CSIA (Cyber Security Industry Alliance), which has since merged with TechAmerica.  It is interesting to note, however, that none of these blackouts, whether the one in Brazil, the one in the northeast, or the one in Florida, has been publicly attributed to any cyber attacks.
"...L0pht said that, in a matter of 30 minutes, they could make the entire Internet unusable for a couple of days" 1998, Senate Hearings

Some critics of the federal government's emphasis on cyber activities point out that an attack on the infrastructure of the government would require a national-level attempt on the part of the attackers.  These attackers would have to know a lot of things, according to Mr. Tanji, a Wired staff writer, such as where the power plants are, the kind of plants they are, the materials and technology used to build them, the manufacturer of the generators, turbines and other key equipment, the software version of the SCADA they are using, how the fuel, people and supplies get into the facility, as well as the nature of their security.  But this does not seem like much of an objection.  If the Chinese are involved, they would certainly have national-level resources.  Also, we do not see how a cyber attack requires knowing anything about how supplies get in and the kind of security they have.

There are positive moves being made by the federal government, especially DARPA, in hiring the kind of people that will innovate change, such as Peiter "Mudge" Zatko, himself a former law-breaking hacker, who now heads the Strategic Technologies Office at DARPA.  President Obama has asked for funds to secure the power grid, although the order of what is to be done seems a bit confused.  Nevertheless, it would seem that many of these claims of cyber attacks by the federal authorities are valid.  If these blackouts were caused by the Chinese, we doubt the companies would ever admit it and lose credibility, as well as cause fears among the public.

Nuclear Power Plant Attacks

In 2003, computers infected with the Slammer worm affected the display systems at the Davis-Besse power plant in Ohio.  The danger of malicious infiltration of nuclear facilities continues, according to the Department of Homeland Security.  This dangerous state of events is not static, however, and progress has been made.  According to a CNN report, nuclear facilities in the United States are much more secure now than in 2001.  A total of 2 billion dollars has been spent shoring up security, making them the most secure types of energy plants in the country.

EMP (Electromagnetic Pulse) Threat

Electromagnetic pulses were first observed as the results of atomic explosions.  Apart from the usual damage caused by heat, it was noticed that electrical devices at a far distance were damaged.  Atomic detonations produce three types of EMP pulses.  All three affect different kinds of electrical devices and circuits.  Watch these two videos, which explain this phenomenon.

In 2004 and 2008, reports were given to Congress by two commissions on our preparedness for an EMP attack.  The 2008 report has some interesting quotes:
Infrastructure failure at the level of food distribution because of disruption of the transportation system, as is likely during an EMP attack, could bring on food shortages affecting the general population in as little as 24 hours. Massive traffic jams are most likely in large cities, the very areas where rapid replenishment of the food supply at hundreds of supermarkets will be needed most urgently. Significantly, recent famines in the developing world have occurred, despite massive relief efforts by the international community, in large part because food relief could not reach victim populations through their underdeveloped transportation infrastructure.
Another quote discusses what might happen to the economy after such a catastrophic event:
An EMP attack that disrupts the financial services industry would, in effect, stop the operation of the U.S. economy. Business transactions that create wealth and jobs could not be performed. Loans for corporate capitalization and for private purposes, such as buying homes and automobiles could not be made. Wealth, recorded electronically in bank databases, could become inaccessible overnight. Credit, debit, and ATM cards would be useless. Even reversion to a cash economy might be difficult in the absence of electronic records that are the basis of cash withdrawals from banks. Most people keep their wealth in banks and have little cash on hand at home. The alternative to a disrupted electronic economy may not be reversion to a 19th century cash economy, but reversion to an earlier economy based on barter.
Here is a map that was submitted to the Congress in 1997, illustrating what a nuclear detonation would do to the electrical grid depending on whether it was detonated 30, 120 or 300 miles above the United States.

There is a way that an EMP signal can be sent without a nuclear detonation.  This is called an ebomb, or sometimes HPM (High-Power Microwave).  Here is a sobering passage from a website which discusses this ebomb in detail.
At the time of writing, the United States and the CIS are the only two nations with the established technology base and the depth of specific experience to design weapons based upon this technology. However, the relative simplicity of the FCG and the Vircator suggests that any nation with even a 1940s technology base, once in possession of engineering drawings and specifications for such weapons, could manufacture them.
It further goes on to say,
While the relative simplicity and thus low cost of such weapons can be considered of benefit to First World nations intending to build viable war stocks or maintain production in wartime, the possibility of less developed nations mass producing such weapons is alarming. The dependence of modern economies upon their information technology infrastructure makes them highly vulnerable to attack with such weapons, providing that these can be delivered to their targets.
In a report issued to Congress in 2004 on EMP, HEMP (High Altitude Electromagnetic Pulse) and HPMs, it was stated that,
A smaller-scale HPM weapon requires a relatively simple design, and can be built using electrical materials and chemical explosives that are easy to obtain. It is estimated that a limited-range suitcase-sized HPM weapon could be constructed for much less than $2,000, and is within the capability of almost any nation, and perhaps many terrorist organizations. Recently, DOD recruited a scientist to create two small HPM weapons for testing using only commercially available electrical components, such as ordinary spark plugs and coils. One device was developed that could be broken down into two parcels so it could be shipped by regular mail, for example, from one terrorist to another. The second HPM device was constructed to fit inside a small vehicle.  Aside from specially-trained dogs, experts reportedly say there are no scientific methods that currently allow easy detection of an explosive device hidden in a vehicle or inside a suitcase before it can explode.
Whether this state of affairs has changed since 2004 is uncertain.  In case we have not frightened you enough, here are some possible scenarios suggested by EMCSignal, a company that sells its services to protect infrastructures from this damage.
Terrorists are most likely to use E-weapons against massive commercial applications targets, as described above. A seemingly innocent car driving along a highway near a power plant can carry a device able to take out any electronic function within a one-mile range and initiate a chain reaction (domino effect) in the power plant with unpredictable consequences.  Another scenario could involve an individual carrying an attaché case, entering a transaction room in a bank or stock exchange and crippling the computers and network on the entire floor. The damage and chaos would be huge.
For those who are skeptical that the Chinese are committing cyber attacks on different countries in the world, especially the United States, you can read a Time Magazine article that appeared in 2005 which describes in detail how the Chinese were detected. There is another report that the Chinese were able to conduct espionage on US officials visiting China.
During a trip to Beijing in December 2007, spyware programs designed to clandestinely remove information from personal computers and other electronic equipment were discovered on devices used by Commerce Secretary Carlos Gutierrez and possibly other members of a U.S. trade delegation, according to a computer-security expert with firsthand knowledge of the spyware used. Gutierrez was in China with the Joint Commission on Commerce and Trade, a high-level delegation that includes the U.S. trade representative and that meets with Chinese officials to discuss such matters as intellectual-property rights, market access, and consumer product safety. According to the computer-security expert, the spyware programs were designed to open communications channels to an outside system, and to download the contents of the infected devices at regular intervals.
Whether all these attacks on our infrastructure will encourage Congress to expand the espionage activities of the National Security Agency remains to be seen.  It is our opinion that the days of privacy have long passed with regard to the Internet.  By its nature, the Internet demands revelation and sharing of EVERYTHING.  This is a new world. It is certain to make all of us uncomfortable.  But it is unstoppable.  Perhaps we must redefine privacy.  Perhaps we must start to look at ourselves as if we were living in a small village, where all know everything about everyone.  Governments must understand that the same Internet which they may use to spy on their own citizens, or on other countries, will be turned in on them as well.  They may think there are safeguards to this, but they will be only temporary.  The Internet will not tolerate it.  We are all being drawn in on a web, a cyber networked web.  We will have to learn to live with each other in peace.  Perhaps this technology will drive us there in the long run after many bad experiences.  It is the old Mexican standoff - be careful what you say and do to us, because you yourself will be revealed in all your secrets.
