From: believer@telepath.com Subject: IP: Cyberwar: Proper Vigilance Or Paranoia? Date: Tue, 06 Oct 1998 06:16:19 -0500 To: believer@telepath.com Source: ZDNet http://www.zdnet.com/intweek/printhigh/100598/cover/chapter1.html Cyberwar: Proper Vigilance Or Paranoia? By Will Rodger The last war was on land, air and sea. The next one may be on your computer. Armed with reams of data showing dramatic increases in computer crime since 1995, a wide-ranging but little-noticed federal working group is moving swiftly to try to knit together a private and public partnership against armies of hackers, government spies and terrorist agents that could make cyberspace unsafe for democracy. The fear: that no part of the industrialized world is safe from digital disaster. Successful attacks on power grids, hospitals, banks, farms, factories and railroad switches could plunge a target nation into chaos and dysfunction. Administration officials say this is no joke, ticking off threats already encountered: A 19-year-old Israeli hacker, known as the Analyzer, and two California teenagers successfully penetrate U.S. Department of Defense computers in February, setting off fears that their intrusions are related to U.S. troop buildups against Iraq. Russian hacker Vladimir Levin breaks into Citibank systems and steals $12 million in 1994. He escapes arrest for one year, only to be brought to justice as he gets off a flight to London and walks into the arms of Interpol. A study by network security specialist Dan Farmer that shows more than 60 percent of 1,700 high-profile Web sites - many run by banks - can be broken into or destroyed using a program he designed to probe for weaknesses no system administrator should allow in the first place. At the center of the U.S.' attempts to create a cyberdefense structure is the Critical Infrastructure Coordination Group, an assembly of cabinet undersecretaries and other senior officials sworn to work with the FBI and American business to protect a society that now depends on a safe, free flow of bits and bytes. But even as the defense structure emerges, civil libertarians, industry executives and even administration insiders worry about how well the Clinton administration or its successors can steer between protecting against all forms of disruption on one hand and creating a police state on the other. Fears that police agencies will use the threat to gain unprecedented power "reflect a misunderstanding of what we're all about and what the administration is all about," said Michael Vatis, director of the National Infrastructure Protection Center (NIPC) at the FBI. "We are structured as a real partnership [between government and free enterprise]. It's our own intention to bring people on board from the private sector. We all say the same thing." But James Adams, former chief executive officer of United Press International and head of the newly formed Infrastructure Defense Inc. consultancy, said government must surrender more power first. "I don't think the government can any longer say we know what's good for you and we're going to take care of it. The government is becoming increasingly irrelevant. I'm not arguing that's a good thing or a bad thing - it's simply a fact." Either way, bitter, seemingly endless disputes between the administration and the people whose cooperation it needs already have tainted the process of developing a national approach to protecting critical information assets, both sides said. A five-year battle over use and export of data-scrambling technologies crucial to data security, for instance, has alienated much of the computer industry. FBI demands that telephone companies spend hundreds of millions of dollars to make wiretaps easier to perform, meanwhile, have led to charges of betrayal by phone companies that claim they were promised more compensation than they're getting, and civil libertarians who say the new proposals invite abuse by rogue police. As a result, what should be a cooperative effort to secure the nation from outside attacks threatens to bog down in a morass of mistrust and stony silence. "Our members are scared to death of this whole program," a Washington association executive said, insisting on anonymity. "You've got the FBI and the National Security Agency pushing this thing. These guys are spies. Then there are these 'private sector' groups springing up to coordinate 'information sharing' about how different companies have these huge holes in their networks. Some of them are headed by ex-Defense Department people. The whole thing makes us paranoid." Worse, still, the lobbyist said: The nation's chief computer security organization - the secretive, estimated 50,000-employee National Security Agency (NSA) - is the same one responsible for wiretapping and signal interception everywhere outside the U.S. As long as the world's biggest Big Brother has a major role to play, business may be gun-shy of the program. ----------------------- NOTE: In accordance with Title 17 U.S.C. section 107, this material is distributed without profit or payment to those who have expressed a prior interest in receiving this information for non-profit research and educational purposes only. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml ----------------------- ********************************************** To subscribe or unsubscribe, email: majordomo@majordomo.pobox.com with the message: (un)subscribe ignition-point email@address ********************************************** www.telepath.com/believer **********************************************